Description:
This package provides a server-side implementation of the FIDO Device Onboard (FDO) specification, written in Go. FDO is an open standard for the late binding of device credentials, allowing for automated and secure on-boarding of devices when they are first powered on in their final location.
Security Fix(es):
* github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability (CVE-2026-33816)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
go-fdo-server-1.0.1-1.el10_2.aarch64.rpm |
5ab498e6933546fa79e2c6c9fe41f8d907a2d9b00a4e5cea62c56b5002b17c76 |
| noarch |
go-fdo-server-rendezvous-1.0.1-1.el10_2.noarch.rpm |
2f723b54c36ddf004e4bea960e425128bf2d983f8a3113e157997f07bad4fa7a |
| noarch |
go-fdo-server-owner-1.0.1-1.el10_2.noarch.rpm |
4fdde5d0f325c9777d1a0493b93f5f958290c8b3b8c46095516d2e7e8ea2d03e |
| noarch |
go-fdo-server-manufacturer-1.0.1-1.el10_2.noarch.rpm |
503719bae2e16f1ef8bfb6389d8210cb55c14a40a4f7f7f00e40c82bfd1f8095 |
| x86_64 |
go-fdo-server-1.0.1-1.el10_2.x86_64.rpm |
4e4fb74f429d74df1306269d2e2420e7c56b3e85e8ae93e0444ee4a7e5617934 |
| x86_64_v2 |
go-fdo-server-1.0.1-1.el10_2.x86_64_v2.rpm |
69a0191d7f1f7afd0e75e34877711add0ace146c613e15b094231ecf3a9c0d94 |
