ALSA-2025:22668

[ALSA-2025:22668] Moderate: go-toolset:rhel8 security update

Type:

security

Severity:

moderate

Release date:

2025-12-05

Description:

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.   

Security Fix(es):  

  * os/exec: Unexpected paths returned from LookPath in os/exec (CVE-2025-47906)
  * golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	golang-bin-1.25.3-2.module_el8.10.0+4074+24330916.aarch64.rpm	87802d3679b40af0a3132ad45e4ef16dad662ea705a0e80ee9f95c5af84aa364
aarch64	delve-1.25.2-1.module_el8.10.0+4074+24330916.aarch64.rpm	88f630e03417fb2d3eb2d58ecb082b2dc0cec1276445da41571e47d1d3fbfc26
aarch64	golang-race-1.25.3-2.module_el8.10.0+4074+24330916.aarch64.rpm	bd2ef970d94d6ece072cf966af292fdd53c4d6f9a3a85e087e208f2a3993141b
aarch64	go-toolset-1.25.3-2.module_el8.10.0+4074+24330916.aarch64.rpm	e68e90907b1cc99fc8653ab9d73e9836e2899840aa4b23950383a59b61701ee3
aarch64	golang-1.25.3-2.module_el8.10.0+4074+24330916.aarch64.rpm	eb7f77a47b7c3c5575b8cbddf2bbc4c254f83202fc6f10ce8eabb472abee301a
noarch	golang-docs-1.25.3-2.module_el8.10.0+4074+24330916.noarch.rpm	3b33f78901d2b8918618ec42b759be0b174b88d7dc438540611eefbb4d12928f
noarch	golang-tests-1.25.3-2.module_el8.10.0+4074+24330916.noarch.rpm	5c58a68a17ced497741e6c355415900cfbb6382201ab0703320f7d03772972b7
noarch	golang-src-1.25.3-2.module_el8.10.0+4074+24330916.noarch.rpm	68a3f4c1ba2fd328ca788c7c6c878c141d67c44102c45a88d3e35777d6e48ae5
noarch	golang-misc-1.25.3-2.module_el8.10.0+4074+24330916.noarch.rpm	9af91e8ef0ed3b8b394d9ad080b718345c71e9e968ab39ba0030a7c7d22de1d5
ppc64le	go-toolset-1.25.3-2.module_el8.10.0+4074+24330916.ppc64le.rpm	110d3238e709b079764a49eccc8e9625a510d85f63b331cceed74538c1ce1fda
ppc64le	delve-1.25.2-1.module_el8.10.0+4074+24330916.ppc64le.rpm	17d4c313ef3d0be4e1327a134976fe78c5a06923d13ce8f0bc7c2c3bf4e71eab
ppc64le	golang-1.25.3-2.module_el8.10.0+4074+24330916.ppc64le.rpm	25bf6ddf146881b2fd281e40076268a21def0b7d1907722f5d6ac6e72bebd0e1
ppc64le	golang-bin-1.25.3-2.module_el8.10.0+4074+24330916.ppc64le.rpm	cf9356a309f55ac0283f3988b208ea515b04ef6c28d3461ad4d2f543ea321bd9
ppc64le	golang-race-1.25.3-2.module_el8.10.0+4074+24330916.ppc64le.rpm	e97d2485a7532698ec464f3688a166a7fcef02de4884e12a07f7d18cc79d3177
s390x	go-toolset-1.25.3-2.module_el8.10.0+4074+24330916.s390x.rpm	50689e5769a42ad77d0aab8d14890cf23eceafaf0d9c750cfce1a79d93562a1b
s390x	golang-bin-1.25.3-2.module_el8.10.0+4074+24330916.s390x.rpm	50d4db0e99484420a779f86635c32e753e87ee4cfd5eee47921307257de8459c
s390x	golang-1.25.3-2.module_el8.10.0+4074+24330916.s390x.rpm	d7cce006439f90bd18d5f0481f5286edef8a57dffac0cccbaf80f68241cd87b2
s390x	golang-race-1.25.3-2.module_el8.10.0+4074+24330916.s390x.rpm	df0416011ac19669fb64b2f994416fffe7aaf827f05181924955febf0f1d44f8
x86_64	golang-bin-1.25.3-2.module_el8.10.0+4074+24330916.x86_64.rpm	00dd92421954ec75ceea68561c8724fed49dd916b3f629777d24d64d9a36eeb3
x86_64	golang-race-1.25.3-2.module_el8.10.0+4074+24330916.x86_64.rpm	89449eb137706bdee22a202a105278b900e656ec4f09cef75959aec300633921
x86_64	go-toolset-1.25.3-2.module_el8.10.0+4074+24330916.x86_64.rpm	abd72f3d7a4b1aef066cc42ade00e569a7af6e2b581fce3f178818dfd68acd5c
x86_64	delve-1.25.2-1.module_el8.10.0+4074+24330916.x86_64.rpm	c977ca34ac6c92aabfc6e36e40a42dc248b1c39360b630b3d722e77ddc66e9fb
x86_64	golang-1.25.3-2.module_el8.10.0+4074+24330916.x86_64.rpm	fc96a5f69b8dbb02fd68835e00e4702e973e00c56436e6ec12c12e90c92553d1

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.