Go-Toolset and Delve/Golang updates for AlmaLinux

AlmaLinux 2369 Published by

AlmaLinux has been updated with two security patches for go-toolset and delve/golang:

ALSA-2025:3772: go-toolset:rhel8 security update (Moderate)
ALSA-2025:3773: delve and golang security update (Important)




ALSA-2025:3772: go-toolset:rhel8 security update (Moderate)


Hi,

You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.

AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2025-04-10

Summary:

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

Security Fix(es):

* golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341)
* golang: net/[http:](http:) net/[http:](http:) sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2025-3772.html

This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.

Kind regards,
AlmaLinux Team



ALSA-2025:3773: delve and golang security update (Important)


Hi,

You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.

AlmaLinux: 9
Type: Security
Severity: Important
Release date: 2025-04-10

Summary:

The Go Programming Language.

Security Fix(es):

* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2025-3773.html

This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.

Kind regards,
AlmaLinux Team


OpenShift and RHEL AI updates for RHEL

AppArmor, GoVulnCheck-VulnDB, Linux kernel updates for SUSE

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...