ALSA-2025:8477

[ALSA-2025:8477] Moderate: golang security update

Type:

security

Severity:

moderate

Release date:

2025-06-06

Description:

The golang packages provide the Go programming language compiler.  

Security Fix(es):  

  * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
noarch	golang-tests-1.23.9-1.el10_0.alma.1.noarch.rpm	00e60c19689c0f2e7d2e817f90132c335c5583606d99ac13703d0b124d6cf551
noarch	golang-src-1.23.9-1.el10_0.alma.1.noarch.rpm	2036a343c1d5507d584f0713b31288af2fc03c4382841e1b17d32b448672df21
noarch	golang-misc-1.23.9-1.el10_0.alma.1.noarch.rpm	c0800303ba8c1812ce68d90b3d81bbae8e262381b9275497f936d720c364c28e
noarch	golang-docs-1.23.9-1.el10_0.alma.1.noarch.rpm	d693ab7438e6da5bb5fbfa2bdd101f6cfa555dfc44b6afc9b45c2144a68529f9

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.