golang security update

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

CVE-2025-61728

CVE-2025-61728 concerns the Go archive/zip package, where a super-linear file-name indexing approach can cause denial of service when opening a malicious ZIP archive. The primary CVE description states DoS on processing crafted archives. Connected advisory entries (ALAS2023-2026-1381/1382/1401/et...

Important: Red Hat Security Advisory: ACS 4.5 enhancement update

Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

ALSA-2024:9115 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip:...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

EulerOS 2.0 SP9 : golang (EulerOS-SA-2024-2366)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-2366)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : container-tools:rhel8 (RLSA-2024:5258)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:5258)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...

Moderate: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-2083)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-2100)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-2083)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment...

Moderate: Red Hat Security Advisory: Network Observability 1.6.1 for OpenShift

Network Observability 1.6 for Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Moderate: Red Hat Security Advisory: Release of openshift-serverless-clients kn 1.33.1 security update and bug fixes

Red Hat openshift-serverless-clients kn 1.33.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

RHEL 8 : Release of openshift-serverless-clients kn 1.33.1 security updatees (Moderate) (RHSA-2024:4867)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4867 advisory. Red Hat OpenShift Serverless Client kn 1.33.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.33.1. The kn CLI is delivered as an RPM...

Rocky Linux 9 : golang (RLSA-2024:4212)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4212 advisory. golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6...

AlmaLinux 8 : go-toolset (ALSA-2024:4237)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4237 advisory. golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6...

FreeBSD : go -- multiple vulnerabilities (a5c64f6f-2af3-11ef-a77e-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a5c64f6f-2af3-11ef-a77e-901b0e9408dc advisory. The Go project reports: archive/zip: mishandling of corrupt central directory record The...