[ALSA-2026:2708] Important: go-toolset:rhel8 security update
Type:
security
Severity:
important
Release date:
2026-02-16
Description:
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728) * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) * cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732) * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 golang-race-1.25.7-1.module_el8.10.0+4117+b694c6c9.aarch64.rpm 3df562bcc4e340965b9ae2b229409dd8ab49cc50bb669906d77f15c7c1ddeae4
aarch64 golang-bin-1.25.7-1.module_el8.10.0+4117+b694c6c9.aarch64.rpm 60913bfe1ff1695d0fc9e24b888b30f7705fe8b7cbe9a99ca3456a225be35495
aarch64 delve-1.25.2-1.module_el8.10.0+4074+24330916.aarch64.rpm 88f630e03417fb2d3eb2d58ecb082b2dc0cec1276445da41571e47d1d3fbfc26
aarch64 golang-1.25.7-1.module_el8.10.0+4117+b694c6c9.aarch64.rpm de1e22e27f61fded2d30cf35e512be82813e08161067e0ec7d0d5d741b05c2c4
aarch64 go-toolset-1.25.7-1.module_el8.10.0+4117+b694c6c9.aarch64.rpm fb6b15eebe3ddb5dae57442d4082ce24d41d6b376ae5a683c8606686fc711855
noarch golang-src-1.25.7-1.module_el8.10.0+4117+b694c6c9.noarch.rpm 203f0c26c079561bf9bd584b13ce802549ed10a989eec635d3f16c084fb75bd1
noarch golang-tests-1.25.7-1.module_el8.10.0+4117+b694c6c9.noarch.rpm 68f584dfd43c96fe257ae22e9287a08f29b5bb9dd4bb9cbe3f943381b64734dc
noarch golang-misc-1.25.7-1.module_el8.10.0+4117+b694c6c9.noarch.rpm 908f38fb83350f5314f3babb90ef7fa51fe51044dc2bf19dd21d27ce169821d6
noarch golang-docs-1.25.7-1.module_el8.10.0+4117+b694c6c9.noarch.rpm e51893669a4e2e844f540ef638eaeb1c49cc5f5733d3618cca74906eb21a46af
ppc64le delve-1.25.2-1.module_el8.10.0+4074+24330916.ppc64le.rpm 17d4c313ef3d0be4e1327a134976fe78c5a06923d13ce8f0bc7c2c3bf4e71eab
ppc64le golang-race-1.25.7-1.module_el8.10.0+4117+b694c6c9.ppc64le.rpm 8e9b9e23535b619f0eda68fabef3a9e3c6d9cda59c08589e9c966d2229d201be
ppc64le go-toolset-1.25.7-1.module_el8.10.0+4117+b694c6c9.ppc64le.rpm b04731d2f90e5e215318c61fb937db3e2629b97ef30a357ea7038a18d7f53a17
ppc64le golang-bin-1.25.7-1.module_el8.10.0+4117+b694c6c9.ppc64le.rpm b173dc5cbb3677d050bee74434f9ae216f87e8676ba1fcc673803dc1092687d3
ppc64le golang-1.25.7-1.module_el8.10.0+4117+b694c6c9.ppc64le.rpm e1916d918b1de7aac0ab90b58612066827eff9be2adc612d13555c2499621d15
s390x go-toolset-1.25.7-1.module_el8.10.0+4117+b694c6c9.s390x.rpm 242e9f6b3c8bb92d62e0d12e367eedd976ee787ef0cf18271dc510d38ea6acd0
s390x golang-bin-1.25.7-1.module_el8.10.0+4117+b694c6c9.s390x.rpm 8bde083f490f0f31c999f4ac1806e549253c4fc3944f33e8a420af9d77fa3853
s390x golang-race-1.25.7-1.module_el8.10.0+4117+b694c6c9.s390x.rpm ee84a5686b48891f4320d770bbbe07dc47e3f658db494083999438ae85a87475
s390x golang-1.25.7-1.module_el8.10.0+4117+b694c6c9.s390x.rpm f2488cba9371ab35ca188541468a65a0ad954398fe1b73582f0d2a0f6a3d9dc0
x86_64 golang-bin-1.25.7-1.module_el8.10.0+4117+b694c6c9.x86_64.rpm 05c9e19f3ed54c2837ae57a260272f862012acdabfa78be530a4201645bc63c1
x86_64 go-toolset-1.25.7-1.module_el8.10.0+4117+b694c6c9.x86_64.rpm 0724a6408a594bc153a37f22b4983e5c8bfd4cbd3cc7fdae1584eebfb1f5b6ad
x86_64 golang-race-1.25.7-1.module_el8.10.0+4117+b694c6c9.x86_64.rpm 9ca827653e6ed286decd51cc43e8036cb263ef40afa8dd3f18a20d445aa6ea2e
x86_64 golang-1.25.7-1.module_el8.10.0+4117+b694c6c9.x86_64.rpm c1c1e9d102fb2456fb00bc549e1812f4daca6afc965b9f2af98e9bfef776f43a
x86_64 delve-1.25.2-1.module_el8.10.0+4074+24330916.x86_64.rpm c977ca34ac6c92aabfc6e36e40a42dc248b1c39360b630b3d722e77ddc66e9fb
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.