ALSA-2023:5721

[ALSA-2023:5721] Important: go-toolset:rhel8 security update

Type:

security

Severity:

important

Release date:

2023-10-17

Description:

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. 

Security Fix(es):

* golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	golang-bin-1.19.13-1.module_el8.8.0+3625+a06035cf.aarch64.rpm	b05d958fd32c71003b459db8cf42a18d4745eacc25d1616b095cda48c80fa918
aarch64	go-toolset-1.19.13-1.module_el8.8.0+3625+a06035cf.aarch64.rpm	ee518b5da12416ae2b155fa312ead0c5bc4d0d3e529cc2cf7cdb5a8ad6ccd149
aarch64	golang-1.19.13-1.module_el8.8.0+3625+a06035cf.aarch64.rpm	f12802e5a8fb80c9584a6762edacac065b4678b95cfec19581cbdff9cf2083ed
noarch	golang-src-1.19.13-1.module_el8.8.0+3625+a06035cf.noarch.rpm	34a5c4f1a214bdf59275050135043b427cabd5afdc722c5d32786074daeb19c3
noarch	golang-misc-1.19.13-1.module_el8.8.0+3625+a06035cf.noarch.rpm	37c94e3103e1e1d09e98fd782d304b2c522449bbcad45c8bf2b2d1ec3527324b
noarch	golang-tests-1.19.13-1.module_el8.8.0+3625+a06035cf.noarch.rpm	9034ab467c4923424ace0ae804a9111010560a7c9f49d35529381fc9ca21d8e3
noarch	golang-docs-1.19.13-1.module_el8.8.0+3625+a06035cf.noarch.rpm	ed86c0fd6696b5159c9b7f8dc9e46c14b2a2d73d008954aec30f6094e0e53241
ppc64le	go-toolset-1.19.13-1.module_el8.8.0+3625+a06035cf.ppc64le.rpm	0721a61f818f6fdb71eb6c3a1c045649cca37337225d9e00e830c4c3af66c3f4
ppc64le	golang-1.19.13-1.module_el8.8.0+3625+a06035cf.ppc64le.rpm	b26174f20a7849e907d6897e43f1341a15866b484b98ba983a333c0418e1419e
ppc64le	golang-bin-1.19.13-1.module_el8.8.0+3625+a06035cf.ppc64le.rpm	efa7c1ff9652e77e19aa423c9980b0fd6c92a0fde831c3df1f7d3fcc399e79e9
s390x	go-toolset-1.19.13-1.module_el8.8.0+3625+a06035cf.s390x.rpm	9a73aa21c4b5469a5d29b9b5f65dc467ce27b161735ca06e188ca4153e412dcd
s390x	golang-bin-1.19.13-1.module_el8.8.0+3625+a06035cf.s390x.rpm	ee34cc1e755206e747bcf221adfa5b00ce4f63c0481d6991a12199ca29ed3e3d
s390x	golang-1.19.13-1.module_el8.8.0+3625+a06035cf.s390x.rpm	fc76a9cd4b7cf835cf40c4faf7f3ae1c22c8ed4f9525d548843b6e96f49572c2
x86_64	go-toolset-1.19.13-1.module_el8.8.0+3625+a06035cf.x86_64.rpm	016c9c62bceb1cda4dc78ca59450129f269a61053e508074bd096df4c35a10c5
x86_64	golang-1.19.13-1.module_el8.8.0+3625+a06035cf.x86_64.rpm	0a429419e0e7228d041304bf344c9e4b7534c30a8364cc7d418ab5577b8ede43
x86_64	golang-bin-1.19.13-1.module_el8.8.0+3625+a06035cf.x86_64.rpm	19960cec55ee13de64173f53c1971c3c5ff13ca91a6391bcf5cab8bdf27fed5f
x86_64	golang-race-1.19.13-1.module_el8.8.0+3625+a06035cf.x86_64.rpm	2fa836df691d0dc7027d4df688a49a98492f80ad80b264bb26513e486693de57
x86_64	delve-1.9.1-1.module_el8.8.0+3471+a62632a0.x86_64.rpm	df41ef398e85a6e48293b7f526ceec3bba4a56e14cd3993dc095e7a1240e3618

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.