ALSA-2025:8476

[ALSA-2025:8476] Moderate: golang security update

Type:

security

Severity:

moderate

Release date:

2025-06-05

Description:

The golang packages provide the Go programming language compiler.  

Security Fix(es):  

  * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	golang-1.23.9-1.el9_6.aarch64.rpm	6587076cbe6d74cfca4ccbbbf6baa5e0dc442bbaa8667d16d76ee400f34adf66
aarch64	go-toolset-1.23.9-1.el9_6.aarch64.rpm	a9230c95266a7bb644b7585b7226e17992a3afaf311de0258ea3cae473d29128
aarch64	golang-race-1.23.9-1.el9_6.aarch64.rpm	cd4c983871b4337c6be1a94d50cf90f12b9bed47cf4694ae0eae1cb42af01625
aarch64	golang-bin-1.23.9-1.el9_6.aarch64.rpm	e20550c53cf651974dfe55c5e2d931eff6e78dbcac0d740c78dd5dfdc862e5f3
noarch	golang-misc-1.23.9-1.el9_6.noarch.rpm	3b6b59952001d719c0acf1a55f35b77f8487086be734e1a406d919819a30f69b
noarch	golang-src-1.23.9-1.el9_6.noarch.rpm	7ba826ac99805837764362226fd1f95ee0512981200ff49b5aef45b71a95b35a
noarch	golang-tests-1.23.9-1.el9_6.noarch.rpm	a3c86d76cc668699bf31a417bd4ce5f4f40adbc3f9a3f91cc7aab4d1c5f43c27
noarch	golang-docs-1.23.9-1.el9_6.noarch.rpm	c45b6b351e35765ff179b93d2feec84907483b37c81cff4d7416944e3407c759
ppc64le	go-toolset-1.23.9-1.el9_6.ppc64le.rpm	079fc505695099af0cf600c476660f6198250a107fc721f0fde216bac9532b18
ppc64le	golang-bin-1.23.9-1.el9_6.ppc64le.rpm	8ac81610823b72ca4d2f56d755b90c6f36b9c77fd0ba9eda772192c9e05f9e6d
ppc64le	golang-race-1.23.9-1.el9_6.ppc64le.rpm	a30a614ab4a71bc342fb1667edd9dc96f3fb9c2a3c7687d12fb8243540e740ce
ppc64le	golang-1.23.9-1.el9_6.ppc64le.rpm	f2cfc3bfeb14fc8788bb63e35cb76562685d35fe249a203e96e53919ae5a2613
s390x	golang-race-1.23.9-1.el9_6.s390x.rpm	1aa2b47f415c0b0ea21766867e9a1e5f184a5372fda569a8dd20cc7a30831fa7
s390x	golang-1.23.9-1.el9_6.s390x.rpm	1ed1b5c4ff37f079b460e7c066f3bd7e0f2c87e81814c2253eeedf23dca977f2
s390x	go-toolset-1.23.9-1.el9_6.s390x.rpm	95f409fbd4e6912b777bd0b0f5667a61d25f105710f35938078691f395bb6bf2
s390x	golang-bin-1.23.9-1.el9_6.s390x.rpm	a1aa8b3c6e475b0969629b6bc7fa349f02ef876b46652f92a8ab0b5f75a8c2b6
x86_64	go-toolset-1.23.9-1.el9_6.x86_64.rpm	03288cc532552785c2cfb61928d5015e80b5bf4c2825dfca13ade8f94e630b39
x86_64	golang-race-1.23.9-1.el9_6.x86_64.rpm	17edbc69c4f3ada74a7d395ca167415fa227e4d2f10be0735718c32825b43144
x86_64	golang-1.23.9-1.el9_6.x86_64.rpm	24d7a033e8e6ca43b27da19762b6e7e62597c5f3a0116b9640a36d3f5eedce88
x86_64	golang-bin-1.23.9-1.el9_6.x86_64.rpm	401240e42f8201fba2f3bfb92cb14a8b4ff0126bd655ece0edcea76fe06d1aff

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.