[ALSA-2026:8842] Important: delve security update
Type:
security
Severity:
important
Release date:
2026-04-20
Description:
Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out of your way as much as possible. Security Fix(es): * crypto/x509: Incorrect enforcement of email constraints in crypto/x509 (CVE-2026-27137) * net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 delve-1.25.2-3.el10_1.aarch64.rpm 79895b5ba81f2bf55eb2636c1594476ee3735754a0f008fe09467ec01835662c
ppc64le delve-1.25.2-3.el10_1.ppc64le.rpm 7bad625d96f35f98021e065a242b5b0022dbc2f58dab399b1201ecce0d101b0a
x86_64 delve-1.25.2-3.el10_1.x86_64.rpm 42a50a5d54bcbdb6c0cd2c360fc785b6aa5a9739c2d9ff7abbb6153ebb7d52b8
x86_64_v2 delve-1.25.2-3.el10_1.x86_64_v2.rpm ce74bc201a0b349b28426f4ae677d03902bf1eaa3d105b9147be5fe1d3ad59ce
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.