[ALSA-2026:6949] Important: go-toolset:rhel8 security update
Type:
security
Severity:
important
Release date:
2026-04-09
Description:
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731) * net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 delve-1.25.2-1.module_el8.10.0+4074+24330916.aarch64.rpm 88f630e03417fb2d3eb2d58ecb082b2dc0cec1276445da41571e47d1d3fbfc26
aarch64 golang-race-1.25.8-1.module_el8.10.0+4156+92f0ae2f.aarch64.rpm 8e34eaf540a82b0f0c739ba7e1700b90fd7002b531c0724ab9a3023b6cc7984c
aarch64 go-toolset-1.25.8-1.module_el8.10.0+4156+92f0ae2f.aarch64.rpm 97b7be6086dbe7d11e9f4c37a363bd04e666ee51809126051543ca9cba4a98cb
aarch64 golang-bin-1.25.8-1.module_el8.10.0+4156+92f0ae2f.aarch64.rpm bd4f9777e7483f2681af6301081650e350579c6f1858fdf632992de7ce520cf9
aarch64 golang-1.25.8-1.module_el8.10.0+4156+92f0ae2f.aarch64.rpm c06b82d4b36c9d47674a9156202858e7b123700433d18721f0373408d462d0ab
noarch golang-misc-1.25.8-1.module_el8.10.0+4156+92f0ae2f.noarch.rpm 3f2683b8cc0a7d950e4af78e38ea3e852203ae81f3b163fa4df9ef4d02634dba
noarch golang-tests-1.25.8-1.module_el8.10.0+4156+92f0ae2f.noarch.rpm c2f6d8d6aaf6f805fea6a053cc934eb4f5f60940a1075d048eaedc87cd5ec23b
noarch golang-src-1.25.8-1.module_el8.10.0+4156+92f0ae2f.noarch.rpm d31472d5a294ec900edd24ede84422c51678ebdbf4cdd919b5f1ddc282b21c82
noarch golang-docs-1.25.8-1.module_el8.10.0+4156+92f0ae2f.noarch.rpm e23165d45a016bc828cc87468d58d2ead0f0154dff7ee91a652f0e7633b04ba0
ppc64le go-toolset-1.25.8-1.module_el8.10.0+4156+92f0ae2f.ppc64le.rpm 0868a3203c65b2953e855cb556d489bb73a84c42687c9357b96860aa9ffbaeef
ppc64le golang-race-1.25.8-1.module_el8.10.0+4156+92f0ae2f.ppc64le.rpm 151a983f71251d220b96167328fdf1cbfc72266e8dd1ae6b031a07f86735f740
ppc64le delve-1.25.2-1.module_el8.10.0+4074+24330916.ppc64le.rpm 17d4c313ef3d0be4e1327a134976fe78c5a06923d13ce8f0bc7c2c3bf4e71eab
ppc64le golang-1.25.8-1.module_el8.10.0+4156+92f0ae2f.ppc64le.rpm 95a64e55a451c2731c089952a24bbd822b2a1eec395a3e1725b507dc549b2c7b
ppc64le golang-bin-1.25.8-1.module_el8.10.0+4156+92f0ae2f.ppc64le.rpm d3e366347f9e84ec9ce465c4f5236bf37d5315a9001861764694ea30fd2019a9
s390x golang-1.25.8-1.module_el8.10.0+4156+92f0ae2f.s390x.rpm 28a5826d2b09b39da97aeb270742cf169c0c55d9035c92ea932ddc87e5ba2305
s390x golang-bin-1.25.8-1.module_el8.10.0+4156+92f0ae2f.s390x.rpm c27b3d6395cec0c95a9ded80d67513520242fd1aed254271d9435437fd5a4bf9
s390x go-toolset-1.25.8-1.module_el8.10.0+4156+92f0ae2f.s390x.rpm cf8ad37f33583e93276bc6146e34991ca04bb187e37c205f167ac974dbea7ec7
s390x golang-race-1.25.8-1.module_el8.10.0+4156+92f0ae2f.s390x.rpm fd76f20cb9b4e1b5149614569e1ab33d6765e1e6e499e9a4a5422935a1e691f7
x86_64 golang-race-1.25.8-1.module_el8.10.0+4156+92f0ae2f.x86_64.rpm 082a4a527d770c780f8e1a30d8e98eef035d65de0819fc61025f044818d0507f
x86_64 golang-bin-1.25.8-1.module_el8.10.0+4156+92f0ae2f.x86_64.rpm 0f0a2e10de8c208c12e6a864d7f6d0dc163985e78ea3803d7d627e5221655c6a
x86_64 golang-1.25.8-1.module_el8.10.0+4156+92f0ae2f.x86_64.rpm 147d9b36821ba7f8d0181617dac97be66d63f6bf5408e3db271430eef13ea132
x86_64 delve-1.25.2-1.module_el8.10.0+4074+24330916.x86_64.rpm c977ca34ac6c92aabfc6e36e40a42dc248b1c39360b630b3d722e77ddc66e9fb
x86_64 go-toolset-1.25.8-1.module_el8.10.0+4156+92f0ae2f.x86_64.rpm cd05fc958ad23cb039c2fc33d84b9159c639e03f81b5ab3bdbca2f55b286b2d5
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.