[ALSA-2026:37436] Important: golang security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2026-07-13
Description:
The golang packages provide the Go programming language compiler. Security Fix(es): * golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821) * os: golang: Go os.Root: Symlink following vulnerability allows directory traversal (CVE-2026-39822) Bug Fix(es) and Enhancement(s): * Update Go to version 1.26.5+1 [almalinux-10.2.z] (JIRA:AlmaLinux-193473) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 go-toolset-1.26.5-1.el10_2.alma.1.aarch64.rpm 11e1280db9ea847faf8ac1aa091367243d060e16254d4be9e1c9320a784ef4d1
aarch64 golang-1.26.5-1.el10_2.alma.1.aarch64.rpm 58851081d6bbf0ac67b3707396e1ae7375580e86a270f9ed9842af54e385e606
aarch64 golang-race-1.26.5-1.el10_2.alma.1.aarch64.rpm b2595b3a89d36725a1a40e02f0fc44f176662e12b29737946ae976e36180433b
aarch64 golang-bin-1.26.5-1.el10_2.alma.1.aarch64.rpm db83a7a41d4ae502378dea041566968f8a11934164cfcf266d0d5feccb7d1e2e
noarch golang-misc-1.26.5-1.el10_2.alma.1.noarch.rpm 8b1baa3232557c008b80897b0d878d2d32cb781b8cc9b3418c2541f114ab8bd2
noarch golang-docs-1.26.5-1.el10_2.alma.1.noarch.rpm e79232aca5b77e65b500df22bd8d4d8328e0c2dce6833e3fc94730d5830a9c07
noarch golang-tests-1.26.5-1.el10_2.alma.1.noarch.rpm e793fc42fe1650f9a19106e8b5b7a3d9bdb7d8d0204ee5e5af2c808d2d66a9bc
noarch golang-src-1.26.5-1.el10_2.alma.1.noarch.rpm ec33bba2e56c497962b088c3e47106cc014d357d9e7a0743489c3b9f1da82635
ppc64le golang-1.26.5-1.el10_2.alma.1.ppc64le.rpm 1c19213e66ca22728e3377f0e22085da4e0cb182cac94a13130c66c8080f1e7d
ppc64le go-toolset-1.26.5-1.el10_2.alma.1.ppc64le.rpm 99085b04d1ab2127d96fc4264f7d19e5b209518db8f9ad59786bd249fad204ff
ppc64le golang-bin-1.26.5-1.el10_2.alma.1.ppc64le.rpm ae9e8e6d7f13aafa4094ff0fe03e57ef819cf684fd4b1622ed2907092320cf2f
ppc64le golang-race-1.26.5-1.el10_2.alma.1.ppc64le.rpm f7bc01b4411f1e6859681934a04185bde4fb606e349bf0ce0543e8e9bb85f127
s390x golang-bin-1.26.5-1.el10_2.alma.1.s390x.rpm 2dd88c2ddc216c3fe212158aade973a77ed61e524322c29b91762a15f0010b68
s390x golang-race-1.26.5-1.el10_2.alma.1.s390x.rpm 315ebcc467d4b90ae121247466a86fe036b0bf77b4a7ff5a8dde5d520e2cf6b3
s390x go-toolset-1.26.5-1.el10_2.alma.1.s390x.rpm 477ceaa2e0c1c092ebf520834725ebafb9061c93e2a350dd42430ba037030ef1
s390x golang-1.26.5-1.el10_2.alma.1.s390x.rpm 65d15465154e3438ec0fa7beefa4abf5351fe037b518a4ac875661d3de3129fe
x86_64 golang-1.26.5-1.el10_2.alma.1.x86_64.rpm 05f1f1b2a2f7f0a865876ab564cb8e2c43164372af3c431aaa34613653c9ec8c
x86_64 golang-race-1.26.5-1.el10_2.alma.1.x86_64.rpm 56a18be868c200ba2e8561499a87f78c51516230c1cedb894fba81daaaed7ecc
x86_64 golang-bin-1.26.5-1.el10_2.alma.1.x86_64.rpm db95e3495c07d8f14379c8d8294766478501f2e43087bf4b2a3b41728ea5b022
x86_64 go-toolset-1.26.5-1.el10_2.alma.1.x86_64.rpm f17a2aab2b29fb1398d359c5bdf5586a4f2e27d3771b92325a5b5b27c2d58507
x86_64_v2 golang-race-1.26.5-1.el10_2.alma.1.x86_64_v2.rpm 1cbc991bfa4a6ec99710a35e42664973cfa342027ab24531211da4d4dbadc94d
x86_64_v2 golang-bin-1.26.5-1.el10_2.alma.1.x86_64_v2.rpm 542beb74da91ed137790a16c21e393398806c6ba7ca08f0c1792cdce64bf9742
x86_64_v2 go-toolset-1.26.5-1.el10_2.alma.1.x86_64_v2.rpm 613da6b6cf04438a7a695c602d3f4791b89456ad9fe4e1adcdcbeca2a02197de
x86_64_v2 golang-1.26.5-1.el10_2.alma.1.x86_64_v2.rpm e1166f3fef5f21e4d793e4662fa7b28c2cfb0946536a43bb063399e734502503
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.