9327 important openSUSE Leap 42.3 Update This new package for go1.11 fixes the following issues: Security issues fixed: - CVE-2018-16873: Fixed a remote code execution in go get, when executed with the -u flag (bsc#1118897) - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which could lead to code execution (bsc#1118898) - CVE-2018-16875: Fixed a Denial of Service in the crypto/x509 package during certificate chain validation(bsc#1118899) Non-security issues fixed: - Fixed build error with PIE linker flags on ppc64le (bsc#1113978 bsc#1098017) - Make profile.d/go.sh no longer set GOROOT=, in order to make switching between versions no longer break. This ends up removing the need for go.sh entirely (because GOPATH is also set automatically) (bsc#1119634) The following tracked regression fix is included: - Fix a regression that broke go get for import path patterns containing "..." (bsc#1119706) go1.11-1.11.4-2.1.i586.rpm go1.11-1.11.4-2.1.src.rpm go1.11-doc-1.11.4-2.1.i586.rpm go1.11-1.11.4-2.1.x86_64.rpm go1.11-doc-1.11.4-2.1.x86_64.rpm go1.11-race-1.11.4-2.1.x86_64.rpm