44 matches found
CLSA-2026-1779182426 buildah: Fix of CVE-2026-32283
rebuild on tuxcare9.6esu with newer golang version 1.25.7-1.el96.tuxcare.els4 - CVE-2026-32283: fix TLS 1.3 deadlock in crypto/tls handleKeyUpdate...
CLSA-2026-1779109358 grafana-pcp: Fix of CVE-2026-32283
CVE-2026-32283: rebuild against golang = 1.25.7-1.el96.tuxcare.els5...
Oracle Linux 8 : go-toolset:ol8 (ELSA-2026-10704)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10704 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related:...
CLSA-2026-1777029448 containernetworking-plugins: Fix of CVE-2026-25679
rebuild with newer golang version 1.25.7-1.el96.tuxcare.els2 to fix the following CVE - CVE-2026-25679: reject IPv6 literals not at the start of the host subcomponent in net/url.Parse to prevent URL authority validation bypass...
CLSA-2026-1776968105 skopeo: Fix of CVE-2026-25679
rebuild with newer golang version 1.25.7-1.el96.tuxcare.els2 to fix the following CVE - CVE-2026-25679: fix insufficient validation of host/authority in net/url.Parse by rejecting invalid URLs with IPv6 literals not at the start of the host...
CLSA-2026-1776966842 go-rpm-macros: Fix of CVE-2026-25679
CVE-2026-25679: rebuild against golang-1.25.7-1.tuxcare.els2 which contains the net/url IPv6 host-literal parsing fix...
CLSA-2026-1776070934 grafana: Fix of CVE-2026-25679
rebuild with golang 1.25.7-els2 which fixes the following CVEs - - CVE-2026-25679: fix insufficient validation of host/authority in net/url.Parse...
Oracle Linux 8 : go-toolset:ol8 (ELSA-2026-6949)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6949 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related:...
SUSE SLES16 Security Update : go1.25-openssl (SUSE-SU-2026:20623-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20623-1 advisory. - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect...
AZL-79610 CVE-2026-27138 affecting package golang 1.25.7-1
Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either directly verifying X.509 certificate chains, or those that use TLS...
AZL-79613 CVE-2026-27137 affecting package golang 1.25.7-1
When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...
openSUSE 16 Security Update : go1.25-openssl (openSUSE-SU-2026:20301-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20301-1 advisory. - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level...
SUSE SLES15 Security Update : go1.25-openssl (SUSE-SU-2026:0790-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0790-1 advisory. Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows...
CLSA-2026-1772619878 runc: Fix of 3 CVEs
rebuild with newer golang version 1.25.7-1.el96.tuxcare.els1 to fix the following CVEs - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry - CVE-2025-61726: limit parsed URL query parameters to...
CLSA-2026-1772573053 butane: Fix of CVE-2025-61729
rebuilt with golang = 1.25.7-1.tuxcare.els1 to address the following security issues: - CVE-2025-61729...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...
SUSE-SU-2026:20623-1 Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821 - CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain bsc1256820 ...
OPENSUSE-SU-2026:20301-1 Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821 - CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain bsc1256820 ...
golang security update
1.25.7-1 - Update to Go 1.25.7 fips-1 - Resolves: RHEL-146476...