2 matches found
CLSA-2026-1773314910 git-lfs: Fix of 3 CVEs
rebuild with newer golang version 1.22.9-1.el92.tuxcare.els6 to fix the following CVE - CVE-2025-61726: limit parsed URL query parameters to mitigate excessive memory consumption during form parsing - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys...
OESA-2023-1192 golang security update
The Go Programming Language. Security Fixes: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.CVE-2022-41723 Large handshake records may cause panics in crypto/tls. Both...