ALSA-2025:3773

[ALSA-2025:3773] Important: delve and golang security update

Type:

security

Severity:

important

Release date:

2025-04-10

Description:

The Go Programming Language.  

Security Fix(es):  

  * encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	go-toolset-1.23.6-2.el9_5.aarch64.rpm	08e8f19efcf35ef62654741f44d15018c81da9446819c056e295eb4a3947bbd2
aarch64	golang-race-1.23.6-2.el9_5.aarch64.rpm	446758d079ab642b2764bc4113bd52c0d2e1d8702c393d5f22037d3c88fd9820
aarch64	golang-bin-1.23.6-2.el9_5.aarch64.rpm	717b10b3c88aefc9269fa9ebed5b96ff6efd6661053036b36d9ab961fb94761f
aarch64	delve-1.24.1-2.el9_5.aarch64.rpm	8dfa87ae39f3b8649b1a47891a56bc2e67cc6a640a5ae87ad343778d7cb70bb3
aarch64	golang-1.23.6-2.el9_5.aarch64.rpm	ee8a6e4d17f9c565766ce7311a153addd5e46ade37941337be77a6653346eb63
noarch	golang-misc-1.23.6-2.el9_5.noarch.rpm	15994156d65e498b48edce0a83f6fa539fd964b8c17c6bbd189dc36cf14a0f4b
noarch	golang-tests-1.23.6-2.el9_5.noarch.rpm	8efc93285b11531f1481cc5986e5b4cd892a01b7595c1fb7d21198bd5bf388b2
noarch	golang-src-1.23.6-2.el9_5.noarch.rpm	e871ca30ed3abf4af1f8574f5b92738a5878ad2e8b54dffdbc9715a2ba9a7dd4
noarch	golang-docs-1.23.6-2.el9_5.noarch.rpm	ea7cc52ebdb704fd6d1a71b8bef45cb23b3c1d89c6b3a218fb425aa85a555057
ppc64le	delve-1.24.1-2.el9_5.ppc64le.rpm	1e24a774d0b0b24cb0220eba389544afafc5c03099c064d76b998f17bb5a05b9
ppc64le	golang-race-1.23.6-2.el9_5.ppc64le.rpm	1f33c4bb4fcf75952d20e7a53bce719e83a6646e183dda057792461252e5f8a4
ppc64le	golang-1.23.6-2.el9_5.ppc64le.rpm	45e7c07ce22a6382c5db8a112ba15613953e944083d4c69983da97aa9da54ccf
ppc64le	golang-bin-1.23.6-2.el9_5.ppc64le.rpm	57921cf7d1e1e10ec8415094030c487a885c919164ce895d8fc391c25be3210d
ppc64le	go-toolset-1.23.6-2.el9_5.ppc64le.rpm	f92f154509f1e830199f94d2bd0313a1a0c1cbcf3b79e47dad8ed9d485ff8b1b
s390x	golang-1.23.6-2.el9_5.s390x.rpm	3120dd9f68a13af1df981fda80c17d4abb934aaa444b2bccb91a3cb2add2433d
s390x	golang-race-1.23.6-2.el9_5.s390x.rpm	9e9037ba5e6d86bd44f3ae2b1aced235fffaf771f599b9db70332927f41aa6d1
s390x	golang-bin-1.23.6-2.el9_5.s390x.rpm	c6500db32b5f8c49efbf1bfdd1c41692dae8d6a52f4db60e70571c8d3292a14f
s390x	go-toolset-1.23.6-2.el9_5.s390x.rpm	cf35be01e83a6f4e9a3b233bcb578e5525cce16f3814158a98fee05114542583
x86_64	go-toolset-1.23.6-2.el9_5.x86_64.rpm	28e2e0332653bc7c64a8836d97a4b75e35eeb1d6a5b1e40eb902805e7fe2c4ed
x86_64	golang-1.23.6-2.el9_5.x86_64.rpm	7ccb7dc53517004961f86ebf72871dc989318a7f0c920c43807336b348395040
x86_64	delve-1.24.1-2.el9_5.x86_64.rpm	f3cadd5d3b6537dfca5e99a06eaaeeb56d8b3fe1ca7761cd64b83151bcd181ff
x86_64	golang-race-1.23.6-2.el9_5.x86_64.rpm	f8ce29d85c5b469d938107ade0ca7c753d8838f841b568ffef10d057be84f11e
x86_64	golang-bin-1.23.6-2.el9_5.x86_64.rpm	f9be2af457cf5a631be09518dbbf504e7d125c5956baf9883fe7baf995f3d252

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.