go-toolset:rhel8 security update

2024-03-2704:34:32

Rockylinux Product Errata

errata.rockylinux.org

go-toolset

rhel8

security update

golang

memory leaks

rsa

rocky linux 8

cve

cvss

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.2%

JSON

An update is available for module.golang, go-toolset, delve, module.go-toolset, module.delve, golang.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

Security Fix(es):

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
rocky8x86_64delve< 1.20.2-1.module+el8.9.0+1392+c9f6376adelve-0:1.20.2-1.module+el8.9.0+1392+c9f6376a.x86_64.rpm
rocky8x86_64delve-debuginfo< 1.20.2-1.module+el8.9.0+1392+c9f6376adelve-debuginfo-0:1.20.2-1.module+el8.9.0+1392+c9f6376a.x86_64.rpm
rocky8x86_64delve-debugsource< 1.20.2-1.module+el8.9.0+1392+c9f6376adelve-debugsource-0:1.20.2-1.module+el8.9.0+1392+c9f6376a.x86_64.rpm
rocky8aarch64golang< 1.20.12-3.module+el8.9.0+1764+12d15796golang-0:1.20.12-3.module+el8.9.0+1764+12d15796.aarch64.rpm
rocky8x86_64golang< 1.20.12-3.module+el8.9.0+1764+12d15796golang-0:1.20.12-3.module+el8.9.0+1764+12d15796.x86_64.rpm
rocky8aarch64golang-bin< 1.20.12-3.module+el8.9.0+1764+12d15796golang-bin-0:1.20.12-3.module+el8.9.0+1764+12d15796.aarch64.rpm
rocky8x86_64golang-bin< 1.20.12-3.module+el8.9.0+1764+12d15796golang-bin-0:1.20.12-3.module+el8.9.0+1764+12d15796.x86_64.rpm
rocky8noarchgolang-docs< 1.20.12-3.module+el8.9.0+1764+12d15796golang-docs-0:1.20.12-3.module+el8.9.0+1764+12d15796.noarch.rpm
rocky8noarchgolang-misc< 1.20.12-3.module+el8.9.0+1764+12d15796golang-misc-0:1.20.12-3.module+el8.9.0+1764+12d15796.noarch.rpm
rocky8noarchgolang-src< 1.20.12-3.module+el8.9.0+1764+12d15796golang-src-0:1.20.12-3.module+el8.9.0+1764+12d15796.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	8	x86_64	delve	< 1.20.2-1.module+el8.9.0+1392+c9f6376a	delve-0:1.20.2-1.module+el8.9.0+1392+c9f6376a.x86_64.rpm
rocky	8	x86_64	delve-debuginfo	< 1.20.2-1.module+el8.9.0+1392+c9f6376a	delve-debuginfo-0:1.20.2-1.module+el8.9.0+1392+c9f6376a.x86_64.rpm
rocky	8	x86_64	delve-debugsource	< 1.20.2-1.module+el8.9.0+1392+c9f6376a	delve-debugsource-0:1.20.2-1.module+el8.9.0+1392+c9f6376a.x86_64.rpm
rocky	8	aarch64	golang	< 1.20.12-3.module+el8.9.0+1764+12d15796	golang-0:1.20.12-3.module+el8.9.0+1764+12d15796.aarch64.rpm
rocky	8	x86_64	golang	< 1.20.12-3.module+el8.9.0+1764+12d15796	golang-0:1.20.12-3.module+el8.9.0+1764+12d15796.x86_64.rpm
rocky	8	aarch64	golang-bin	< 1.20.12-3.module+el8.9.0+1764+12d15796	golang-bin-0:1.20.12-3.module+el8.9.0+1764+12d15796.aarch64.rpm
rocky	8	x86_64	golang-bin	< 1.20.12-3.module+el8.9.0+1764+12d15796	golang-bin-0:1.20.12-3.module+el8.9.0+1764+12d15796.x86_64.rpm
rocky	8	noarch	golang-docs	< 1.20.12-3.module+el8.9.0+1764+12d15796	golang-docs-0:1.20.12-3.module+el8.9.0+1764+12d15796.noarch.rpm
rocky	8	noarch	golang-misc	< 1.20.12-3.module+el8.9.0+1764+12d15796	golang-misc-0:1.20.12-3.module+el8.9.0+1764+12d15796.noarch.rpm
rocky	8	noarch	golang-src	< 1.20.12-3.module+el8.9.0+1764+12d15796	golang-src-0:1.20.12-3.module+el8.9.0+1764+12d15796.noarch.rpm