ALSA-2025:3772

[ALSA-2025:3772] Moderate: go-toolset:rhel8 security update

Type:

security

Severity:

moderate

Release date:

2025-04-10

Description:

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.   

Security Fix(es):  

  * golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341)
  * golang: net/[http:](http:) net/[http:](http:) sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	go-toolset-1.23.6-1.module_el8.10.0+3977+66935a26.aarch64.rpm	0e667e9175d15a5a86cfc091df66b8b7eef1813f94f258ac89aa115bf7a749f9
aarch64	delve-1.24.1-1.module_el8.10.0+3977+66935a26.aarch64.rpm	ae6bcd61620ca8ea319a3815f4a508309c34dfc93706fb79a2a6573855bbd3bb
aarch64	golang-bin-1.23.6-1.module_el8.10.0+3977+66935a26.aarch64.rpm	b8537ca1d4418077177fecd0f2c2e3b604934fb6ec8daead599f241672dc2afa
aarch64	golang-1.23.6-1.module_el8.10.0+3977+66935a26.aarch64.rpm	c7b734b3111b8509aeac51359a3a1d0f8d8515401fcb5b52f166868b9c0fc714
noarch	golang-tests-1.23.6-1.module_el8.10.0+3977+66935a26.noarch.rpm	21a9f36cccec8941104f1fcee53b1f57e19f5eabe8af34c869a0b894a470c367
noarch	golang-docs-1.23.6-1.module_el8.10.0+3977+66935a26.noarch.rpm	467ed2097eeea5cb3b299c790aae205b859c6eb071df6e65523b650f9fd08327
noarch	golang-misc-1.23.6-1.module_el8.10.0+3977+66935a26.noarch.rpm	58f33e180899842fa00f4b1508a33ef4f95137f7b4282a142aac2f88e6b1a0f7
noarch	golang-src-1.23.6-1.module_el8.10.0+3977+66935a26.noarch.rpm	cdef9707baf2724c1b8791925118d22df7bc2ec4a16c99fbe232e2c296de590f
ppc64le	delve-1.24.1-1.module_el8.10.0+3977+66935a26.ppc64le.rpm	01e7670fdd30fbfe853e8aa61bc4785847206812e80e62a30b8cae959d5a6108
ppc64le	go-toolset-1.23.6-1.module_el8.10.0+3977+66935a26.ppc64le.rpm	641ded3d325e701711e67f1fc9b1ae92e1673d40034a8922b6117a05d7184575
ppc64le	golang-bin-1.23.6-1.module_el8.10.0+3977+66935a26.ppc64le.rpm	76fc7bf28a55560ba35c89cf250ba200ab7518850df54b89566a2fa1e53d56fa
ppc64le	golang-1.23.6-1.module_el8.10.0+3977+66935a26.ppc64le.rpm	c7464cdd8a6c9c18281a968db49d6e1bbb69059a65b4f2504da2e5bd05d27cfd
s390x	golang-1.23.6-1.module_el8.10.0+3977+66935a26.s390x.rpm	2dd6c2741468fd98dc0a8a84b74db99f8983ed9cc52e8213350fd659402f8b06
s390x	golang-bin-1.23.6-1.module_el8.10.0+3977+66935a26.s390x.rpm	6aa4d27ec3e4956d8937b1fa3556834a103f6993677f8d2aa095a221ee8b6aaf
s390x	go-toolset-1.23.6-1.module_el8.10.0+3977+66935a26.s390x.rpm	cf09d8a6de447d2128ac77217fd6e83a488afb3f6722eab451392f59040987a9
x86_64	delve-1.24.1-1.module_el8.10.0+3977+66935a26.x86_64.rpm	1698154311f3554f06a4e51229d106abbbf6ead3d7b74f031538414bf2d48cf2
x86_64	golang-1.23.6-1.module_el8.10.0+3977+66935a26.x86_64.rpm	afc0740883491c379987fa79e961fe4a443d0449610318ad02924285c8a46fcf
x86_64	go-toolset-1.23.6-1.module_el8.10.0+3977+66935a26.x86_64.rpm	f25283e14b0664bb53a78f0dac298a701e1921339c1a5246811323095b6f2307
x86_64	golang-bin-1.23.6-1.module_el8.10.0+3977+66935a26.x86_64.rpm	fe5779c79d1552f64a8412ce61caaf7f656462bc094b2537ed7d9924556f8a13

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.