{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 7, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "This update includes a security fix to the net/http package, as well as bug fixes to the compiler, cgo, the cover tool, the go command, the runtime, and the crypto/ecdsa, go/build, go/printer, net/mail, and text/template packages.", "type": "security", "status": "obsolete", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": false, "critpath": false, "critpath_groups": "", "close_bugs": true, "date_submitted": "2023-07-17 14:50:29", "date_modified": null, "date_approved": null, "date_testing": "2023-07-19 01:44:43", "date_stable": null, "alias": "FEDORA-2023-8a135f6aa7", "test_gating_status": "failed", "from_tag": null, "date_pushed": "2023-07-19 01:44:43", "meets_testing_requirements": false, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2023-8a135f6aa7", "title": "golang-1.19.11-1.fc37", "version_hash": "44123d6776e57c1db45175b9ccfc820c9d71654a", "release": {"name": "F37", "long_name": "Fedora 37", "version": "37", "id_prefix": "FEDORA", "branch": "f37", "dist_tag": "f37", "stable_tag": "f37-updates", "testing_tag": "f37-updates-testing", "candidate_tag": "f37-updates-candidate", "pending_signing_tag": "f37-signing-pending", "pending_testing_tag": "f37-updates-testing-pending", "pending_stable_tag": "f37-updates-pending", "override_tag": "f37-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": "2023-12-05", "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "alexsaezm", "email": "asm@redhat.com", "id": 5548, "avatar": "https://seccdn.libravatar.org/avatar/cc566d6a082db4edb13a0e7981b110886fbf2c43e457aa93a6b6cfb3698a5b45?s=24&d=retro", "openid": "alexsaezm.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "go-sig-admin"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by alexsaezm. ", "timestamp": "2023-07-17 14:50:29", "update_id": 528208, "user_id": 91, "id": 3107258, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2023-07-17 14:50:29", "update_id": 528208, "user_id": 91, "id": 3107259, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2023-07-19 01:45:25", "update_id": 528208, "user_id": 91, "id": 3109666, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2023-07-19 02:09:57", "update_id": 528208, "user_id": 91, "id": 3109697, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:04:28", "update_id": 528208, "user_id": 6926, "id": 3111442, "bug_feedback": [{"karma": 0, "comment_id": 3111442, "bug_id": 2217561, "bug": {"bug_id": 2217561, "title": "CVE-2023-29403 golang: runtime: unexpected behavior of setuid/setgid binaries [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3111442, "bug_id": 2217564, "bug": {"bug_id": 2217564, "title": "CVE-2023-29402 golang: go command may generate unexpected code at build time when using cgo [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3111442, "bug_id": 2217567, "bug": {"bug_id": 2217567, "title": "CVE-2023-29404 golang: go command may execute arbitrary code at build time when using cgo [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3111442, "bug_id": 2217571, "bug": {"bug_id": 2217571, "title": "CVE-2023-29405 golang: Arbitratry code execution triggered by linker flags [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been obsoleted by [golang-1.19.12-1.fc37](https://bodhi.fedoraproject.org/updates/FEDORA-2023-1819dc9854).", "timestamp": "2023-08-02 16:13:24", "update_id": 528208, "user_id": 91, "id": 3143583, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "golang-1.19.11-1.fc37", "signed": true, "release_id": 62, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 2217561, "title": "CVE-2023-29403 golang: runtime: unexpected behavior of setuid/setgid binaries [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3108627, "bug_id": 2217561, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-18 07:17:13", "update_id": 528209, "user_id": 6938, "id": 3108627, "testcase_feedback": [], "user": {"name": "solopasha", "email": "daron439@gmail.com", "id": 6938, "avatar": "https://seccdn.libravatar.org/avatar/2a6596f3c4499c343ef287f80f2f6dbf703cd19847398e7636662909bb314d30?s=24&d=retro", "openid": "solopasha.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 3110696, "bug_id": 2217561, "comment": {"karma": 1, "karma_critpath": 0, "text": "Required by k8s 1.26.7. Looks good", "timestamp": "2023-07-19 22:28:28", "update_id": 528209, "user_id": 6926, "id": 3110696, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3111446, "bug_id": 2217561, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:05:07", "update_id": 528209, "user_id": 3703, "id": 3111446, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 3111442, "bug_id": 2217561, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:04:28", "update_id": 528208, "user_id": 6926, "id": 3111442, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3152752, "bug_id": 2217561, "comment": {"karma": 0, "karma_critpath": 0, "text": "", "timestamp": "2023-08-09 15:06:02", "update_id": 535663, "user_id": 5548, "id": 3152752, "testcase_feedback": [], "user": {"name": "alexsaezm", "email": "asm@redhat.com", "id": 5548, "avatar": "https://seccdn.libravatar.org/avatar/cc566d6a082db4edb13a0e7981b110886fbf2c43e457aa93a6b6cfb3698a5b45?s=24&d=retro", "openid": "alexsaezm.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "go-sig-admin"}]}}}]}, {"bug_id": 2217564, "title": "CVE-2023-29402 golang: go command may generate unexpected code at build time when using cgo [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3108627, "bug_id": 2217564, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-18 07:17:13", "update_id": 528209, "user_id": 6938, "id": 3108627, "testcase_feedback": [], "user": {"name": "solopasha", "email": "daron439@gmail.com", "id": 6938, "avatar": "https://seccdn.libravatar.org/avatar/2a6596f3c4499c343ef287f80f2f6dbf703cd19847398e7636662909bb314d30?s=24&d=retro", "openid": "solopasha.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 3110696, "bug_id": 2217564, "comment": {"karma": 1, "karma_critpath": 0, "text": "Required by k8s 1.26.7. Looks good", "timestamp": "2023-07-19 22:28:28", "update_id": 528209, "user_id": 6926, "id": 3110696, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3111446, "bug_id": 2217564, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:05:07", "update_id": 528209, "user_id": 3703, "id": 3111446, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 3111442, "bug_id": 2217564, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:04:28", "update_id": 528208, "user_id": 6926, "id": 3111442, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3152752, "bug_id": 2217564, "comment": {"karma": 0, "karma_critpath": 0, "text": "", "timestamp": "2023-08-09 15:06:02", "update_id": 535663, "user_id": 5548, "id": 3152752, "testcase_feedback": [], "user": {"name": "alexsaezm", "email": "asm@redhat.com", "id": 5548, "avatar": "https://seccdn.libravatar.org/avatar/cc566d6a082db4edb13a0e7981b110886fbf2c43e457aa93a6b6cfb3698a5b45?s=24&d=retro", "openid": "alexsaezm.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "go-sig-admin"}]}}}]}, {"bug_id": 2217567, "title": "CVE-2023-29404 golang: go command may execute arbitrary code at build time when using cgo [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3108627, "bug_id": 2217567, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-18 07:17:13", "update_id": 528209, "user_id": 6938, "id": 3108627, "testcase_feedback": [], "user": {"name": "solopasha", "email": "daron439@gmail.com", "id": 6938, "avatar": "https://seccdn.libravatar.org/avatar/2a6596f3c4499c343ef287f80f2f6dbf703cd19847398e7636662909bb314d30?s=24&d=retro", "openid": "solopasha.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 3110696, "bug_id": 2217567, "comment": {"karma": 1, "karma_critpath": 0, "text": "Required by k8s 1.26.7. Looks good", "timestamp": "2023-07-19 22:28:28", "update_id": 528209, "user_id": 6926, "id": 3110696, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3111446, "bug_id": 2217567, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:05:07", "update_id": 528209, "user_id": 3703, "id": 3111446, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 3111442, "bug_id": 2217567, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:04:28", "update_id": 528208, "user_id": 6926, "id": 3111442, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3152752, "bug_id": 2217567, "comment": {"karma": 0, "karma_critpath": 0, "text": "", "timestamp": "2023-08-09 15:06:02", "update_id": 535663, "user_id": 5548, "id": 3152752, "testcase_feedback": [], "user": {"name": "alexsaezm", "email": "asm@redhat.com", "id": 5548, "avatar": "https://seccdn.libravatar.org/avatar/cc566d6a082db4edb13a0e7981b110886fbf2c43e457aa93a6b6cfb3698a5b45?s=24&d=retro", "openid": "alexsaezm.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "go-sig-admin"}]}}}]}, {"bug_id": 2217571, "title": "CVE-2023-29405 golang: Arbitratry code execution triggered by linker flags [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3108627, "bug_id": 2217571, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-18 07:17:13", "update_id": 528209, "user_id": 6938, "id": 3108627, "testcase_feedback": [], "user": {"name": "solopasha", "email": "daron439@gmail.com", "id": 6938, "avatar": "https://seccdn.libravatar.org/avatar/2a6596f3c4499c343ef287f80f2f6dbf703cd19847398e7636662909bb314d30?s=24&d=retro", "openid": "solopasha.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 3110696, "bug_id": 2217571, "comment": {"karma": 1, "karma_critpath": 0, "text": "Required by k8s 1.26.7. Looks good", "timestamp": "2023-07-19 22:28:28", "update_id": 528209, "user_id": 6926, "id": 3110696, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3111446, "bug_id": 2217571, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:05:07", "update_id": 528209, "user_id": 3703, "id": 3111446, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 3111442, "bug_id": 2217571, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-07-20 15:04:28", "update_id": 528208, "user_id": 6926, "id": 3111442, "testcase_feedback": [], "user": {"name": "buckaroogeek", "email": "bradley.g.smith@gmail.com", "id": 6926, "avatar": "https://seccdn.libravatar.org/avatar/876afe663df3c95c434929a1576f904ce2a208a845c16b392ddfeb491b40de28?s=24&d=retro", "openid": "buckaroogeek.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3152752, "bug_id": 2217571, "comment": {"karma": 0, "karma_critpath": 0, "text": "", "timestamp": "2023-08-09 15:06:02", "update_id": 535663, "user_id": 5548, "id": 3152752, "testcase_feedback": [], "user": {"name": "alexsaezm", "email": "asm@redhat.com", "id": 5548, "avatar": "https://seccdn.libravatar.org/avatar/cc566d6a082db4edb13a0e7981b110886fbf2c43e457aa93a6b6cfb3698a5b45?s=24&d=retro", "openid": "alexsaezm.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "go-sig-admin"}]}}}]}], "updateid": "FEDORA-2023-8a135f6aa7", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}