ALSA-2024:0887

[ALSA-2024:0887] Moderate: go-toolset:rhel8 security update

Type:

security

Severity:

moderate

Release date:

2024-02-22

Description:

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. 

Security Fix(es):

* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* golang: cmd/go: Protocol Fallback when fetching modules (CVE-2023-45285)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.aarch64.rpm	36ca971aa2a293175a8d662662348a703f3f4b81ce0b6258d8289c088fd8b024
aarch64	golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.aarch64.rpm	a4b6795f597a49776210c08559e8d8b1ddec381e1e236d4e0f72bdf373e4d0bd
aarch64	golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.aarch64.rpm	b38e06be6895c93bdf69ca966103b60b26344adf4ab52e0ebf99c22bfa1fcc43
noarch	golang-src-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm	4b2529a8fec201a8b0eb862980a7b8cbebad1b79b2dd3767c1f59278fda99ad6
noarch	golang-docs-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm	55beb2cc2b7eea7d42de72537d232bab18d6494e3819125ebdf7b0ab2aa5957f
noarch	golang-tests-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm	6abcd2e55053affff3fd5cec68dc037431d1826d7fef90626ad7b7ab1daf90db
noarch	golang-misc-1.20.12-2.module_el8.9.0+3728+f1d47c6f.noarch.rpm	99b16ffb898703debec3c40606698f6a6a8111c7151fc892e33beb8d28d06667
ppc64le	golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.ppc64le.rpm	ad952490cb7790f1e203ea25730205e3cb01f140910748b59a6a885d1c1e6b03
ppc64le	golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.ppc64le.rpm	e10e8215f914d5e0daa80c1701d2370ec80ece9ff0c8a062e9e4b93081403f3c
ppc64le	go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.ppc64le.rpm	e9d4ac62e3cf17d12694168909a56852cd5147fd0db1ed7b0eead3759c55f02a
s390x	golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.s390x.rpm	7260bc2ae83e3a4ca3c3f665ec8dae377b326fbb58cc509954dbf6bafbc44b3e
s390x	go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.s390x.rpm	7faca76560a577de35bc3154a7837075efd9c8d65ac26e99d125c851bf194b8d
s390x	golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.s390x.rpm	e858a1dd7612cfba0be9637a037275c75136f5e2159f4478f011685e85ca434e
x86_64	golang-1.20.12-2.module_el8.9.0+3728+f1d47c6f.x86_64.rpm	1bbb9dac6499e0b4f637d4416da5b100bfa12785636722bfb2cb6f0b2c9776a4
x86_64	delve-1.20.2-1.module_el8.9.0+3642+43318da8.x86_64.rpm	958fc28fde30ecf442f9b5a588413780eb9c7b56243673ff501c8d0a32c6f389
x86_64	golang-bin-1.20.12-2.module_el8.9.0+3728+f1d47c6f.x86_64.rpm	b07b438d0389187c8d554e566e1af0dca77b94fc568c9c8d1b4e96487c842dcc
x86_64	go-toolset-1.20.12-1.module_el8.9.0+3728+f1d47c6f.x86_64.rpm	fd1437e6771b0f8653bb3ad7cd159c8a34410df57e0f52b6210e57da8dfdb0b4

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.