[ALSA-2026:38995] Important: go-toolset:rhel8 security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2026-07-14
Description:
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821) * crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (CVE-2026-27145) * os: golang: Go os.Root: Symlink following vulnerability allows directory traversal (CVE-2026-39822) Bug Fix(es) and Enhancement(s): * Update Go to version 1.26.5+1 [almalinux-8.10.z] (JIRA:AlmaLinux-193478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 golang-bin-1.26.5-1.module_el8.10.0+4223+bd807c2e.aarch64.rpm 4617759e2c694eb7d18747e26dcf3271ca5193bd3ddcbbf232b75a88cc44f1ff
aarch64 golang-race-1.26.5-1.module_el8.10.0+4223+bd807c2e.aarch64.rpm 7a3ab8609dd6afb1fa2ba82f8d79cf04022e1d045d96bea34241898876566429
aarch64 golang-1.26.5-1.module_el8.10.0+4223+bd807c2e.aarch64.rpm 8592995b7be28d8c2a9e0187fbe3067b85514e3c376e9dde3f5b94ef4693a46d
aarch64 delve-1.26.1-1.module_el8.10.0+4223+bd807c2e.aarch64.rpm a1827b550646f60c298aff1ca540c2df0b7c8425d215123b45d5f75d39816386
aarch64 go-toolset-1.26.5-1.module_el8.10.0+4223+bd807c2e.aarch64.rpm b0c304171153b7208991557ec87d39888816290bf78064d95fa23e2a810be29a
noarch golang-docs-1.26.5-1.module_el8.10.0+4223+bd807c2e.noarch.rpm 229e1a7d25b8e1d2947e9d18aa3a184caca32a1444328f8763794dea60403b10
noarch golang-src-1.26.5-1.module_el8.10.0+4223+bd807c2e.noarch.rpm 50f0ee3b371ce452d038a5e43c1f29869cb2138f0fc2ba4bc177f085214b1221
noarch golang-tests-1.26.5-1.module_el8.10.0+4223+bd807c2e.noarch.rpm cd304cc0c117880a1fdfae552aec002c3ab597282532a030b3ce563e51a3d3bd
noarch golang-misc-1.26.5-1.module_el8.10.0+4223+bd807c2e.noarch.rpm f3806c3e7f9a48379903c2f02f54be6a24534cf648149fa25812f91a51ef1fee
ppc64le delve-1.26.1-1.module_el8.10.0+4223+bd807c2e.ppc64le.rpm 22db6544eaf3352194e15fc5917ee151bebbb6dcd7c4beb0d6f8ce9e01bcfe31
ppc64le golang-race-1.26.5-1.module_el8.10.0+4223+bd807c2e.ppc64le.rpm 25867ea2a6711bb94cee2a6e13160dbadf7818e8037ca27dc7d1b8092e2a6665
ppc64le golang-1.26.5-1.module_el8.10.0+4223+bd807c2e.ppc64le.rpm 2efd91d25c6abd488ad8e128ec5a8ea17a25d3728297651c1d83f0868f998a25
ppc64le go-toolset-1.26.5-1.module_el8.10.0+4223+bd807c2e.ppc64le.rpm 9ab2aeeb1991ec5b09dd33fb28ce8d91413f49e295e0fe25bfb7e6c6b9228c58
ppc64le golang-bin-1.26.5-1.module_el8.10.0+4223+bd807c2e.ppc64le.rpm cc5209adcb05af53d5d18ae136c4e92845f1e7eda293db414158153b98191228
s390x golang-bin-1.26.5-1.module_el8.10.0+4223+bd807c2e.s390x.rpm 2cf463d5846f63346bd8233c46d4d030e0efd8b2029b67ac15c8da1466803347
s390x golang-1.26.5-1.module_el8.10.0+4223+bd807c2e.s390x.rpm 510686277cd47c03bdf74272f6783cc4342471b37db40fa1a8d7ccd2aaa6b1f4
s390x golang-race-1.26.5-1.module_el8.10.0+4223+bd807c2e.s390x.rpm e6ec6927eb7a3c3ef8be5fb83186c9e0f2f666b224888ba2053fc3afb868ccef
s390x go-toolset-1.26.5-1.module_el8.10.0+4223+bd807c2e.s390x.rpm f26f6c7ae81fd49b04a1d4addce747a04aa6c4b1ca2da6d2ced6c6a3f2e11459
x86_64 golang-bin-1.26.5-1.module_el8.10.0+4223+bd807c2e.x86_64.rpm 0f848a1636bba4f0048cf0e34c5562895d6bf94832f80c8b044dfd4fddc5269f
x86_64 go-toolset-1.26.5-1.module_el8.10.0+4223+bd807c2e.x86_64.rpm 7dc9ac8a7723a97659c02a6dd5149d38772380bce0d44fcc7ec2cef19e23f154
x86_64 delve-1.26.1-1.module_el8.10.0+4223+bd807c2e.x86_64.rpm e49c140a03e0c521c7c89f89a1df2e45d2071d7aa43617a68b4ad52079f27024
x86_64 golang-1.26.5-1.module_el8.10.0+4223+bd807c2e.x86_64.rpm ed14f6270980a0ead6a9a349ff19b1f933cf77838b82950a62041aca1a0ec93b
x86_64 golang-race-1.26.5-1.module_el8.10.0+4223+bd807c2e.x86_64.rpm fa3e95797022f1a67902b6a2391e69787004ecb881b763c74d0e1d221f133a38
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.