ALSA-2026:19181

[ALSA-2026:19181] Important: golang security update

Type:

security

Severity:

important

Release date:

2026-05-26

Description:

The golang packages provide the Go programming language compiler.  

Security Fix(es):  

  * crypto/x509: Incorrect enforcement of email constraints in crypto/x509 (CVE-2026-27137)
  * net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	go-toolset-1.26.2-1.el9_8.aarch64.rpm	1df331f2d27a2a7398d4e61053c0d84b26a6d3b07a1ff40e4f4a5a080aa06087
aarch64	golang-bin-1.26.2-1.el9_8.aarch64.rpm	955401224192966ecd62d7e4221ce372b427f236804d476b6123d81b335836c8
aarch64	golang-1.26.2-1.el9_8.aarch64.rpm	9ea9c1b2c3cbba93df7349f3194d92c383834cb8a48e782c230383923e17e587
aarch64	golang-race-1.26.2-1.el9_8.aarch64.rpm	baa2fa6cae0ebdb898b26fea0c5128757cec115e691783d84434b3c014b2cfd1
noarch	golang-tests-1.26.2-1.el9_8.noarch.rpm	08e67e53fc3ce9c0ae96ee93a5e4ec66f4e5a3a2ffed7a0f9616d7670c9ee570
noarch	golang-misc-1.26.2-1.el9_8.noarch.rpm	2b165165493a8b8fdd5580a8b1fb21b00df7d36596374379549a4d569feb2ac1
noarch	golang-docs-1.26.2-1.el9_8.noarch.rpm	c6f64db75f56c9be80e9d422eff77fb9d16eb9d3573825deeeef6f21aaba86fe
noarch	golang-src-1.26.2-1.el9_8.noarch.rpm	eb5fa14bbbf8d032e4aba23b5f3e28e92d877365ba212ca2df8ecd70381ea7ff
ppc64le	golang-bin-1.26.2-1.el9_8.ppc64le.rpm	4850f293c2cf8623d81784ad116cefdb36991483d8e85c1c705d6659b144454a
ppc64le	golang-race-1.26.2-1.el9_8.ppc64le.rpm	c3c85393442bcb33b2c0120f5b33b321728f5df9cb9569e262d782b548f28f12
ppc64le	go-toolset-1.26.2-1.el9_8.ppc64le.rpm	d6716ddbb066a1f9b2a0015f35d51d6196e1f58b6924cabe9d2f6625fcc117c5
ppc64le	golang-1.26.2-1.el9_8.ppc64le.rpm	dc60c6af814c6cf17c94092e4fc92f47a4dcdaf079d318d2776a28b7b3274f60
s390x	golang-1.26.2-1.el9_8.s390x.rpm	120d4e87b1532dc62baa6747050cd96a6909d55ea8d4224f808abfe6878117f1
s390x	go-toolset-1.26.2-1.el9_8.s390x.rpm	501d157bd013edb756ca58eba4e86b8daf2ccecef218ba7b984bd47a5958ca6b
s390x	golang-race-1.26.2-1.el9_8.s390x.rpm	67b94e6f1ebe6019f16a8c8e2e4c7bb06d632938f5395d48206bf5520ddd97e9
s390x	golang-bin-1.26.2-1.el9_8.s390x.rpm	f768e310d3c9193c52c852d4d7cb704820a1f548c72beb8bef0b54b79d5cfc02
x86_64	golang-bin-1.26.2-1.el9_8.x86_64.rpm	04ea3f789fef5d7ecbfb5aed451a53077b00e11d16f01b93eb12269950e6e8bd
x86_64	go-toolset-1.26.2-1.el9_8.x86_64.rpm	14d704783df52727e48c37386db5513e729deb815b4d5c24cdbf76eb12456215
x86_64	golang-1.26.2-1.el9_8.x86_64.rpm	5337dd6fe13576573d495f490306939cf9f776ccde8399fbdb500a4b5a5e1b36
x86_64	golang-race-1.26.2-1.el9_8.x86_64.rpm	b5c0e2d902db9e646fd8dc478b51c2cc356287cbd3af76383469c42f51c82ca7

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.