The golang packages provide the Go programming language compiler.
The following packages have been upgraded to a later upstream version: golang (1.9.4). (BZ#1479095, BZ#1499827)
golang: arbitrary code execution during "go get" or "go get -d" (CVE-2017-15041)
golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesting (CVE-2017-15042)
golang: arbitrary code execution during "go get" via C compiler options (CVE-2018-6574)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.