Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: crypto/x509: Incorrect enforcement of email constraints in crypto/x509 CVE-2026-27137 net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For more details about the security issues, including...

OESA-2025-2181 golang security update

. Security Fixes: The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS e.g. Git, but contains metadata for another VC...

OESA-2025-2180 golang security update

. Security Fixes: A vulnerability was found in Google Go up to 1.23.11/1.24.5 Programming Language Software. It has been declared as problematic.The manipulation of the argument PATH with an unknown input leads to a unknown weakness.As an impact it is known to affect integrity.Upgrading to versio...

golang security update

1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106464...

OESA-2024-1771 golang security update

The Go Programming Language. Security Fixes: The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading t...

SUSE-SU-2023:2845-1 Security update for go1.19

This update for go1.19 fixes the following issues: go was updated to version 1.19.11 bsc1200441: - CVE-2023-29406: Fixed insufficient sanitization of Host header in net/http bsc1213229...

SUSE-SU-2023:0733-1 Security update for go1.19

This update for go1.19 fixes the following issues: - CVE-2022-41722: Fixed path traversal in filepath.Clean on Windows bsc1208269. - CVE-2022-41723: Fixed quadratic complexity in HPACK decoding bsc1208270. - CVE-2022-41724: Fixed panic with arge handshake records in crypto/tls bsc1208271. -...

SUSE-SU-2021:2186-1 Security update for go1.16

This update for go1.16 fixes the following issues: Update to 1.16.5. Includes these security fixes - CVE-2021-33195: net: Lookup functions may return invalid host names bsc1187443. - CVE-2021-33196: archive/zip: malformed archive may cause panic or memory exhaustion bsc1186622. - CVE-2021-33197:...

OPENSUSE-SU-2020:1405-1 Security update for go1.14

This update for go1.14 fixes the following issues: - go1.14 was updated to version 1.14.7 - CVE-2020-16845: dUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs bsc1174977. - go1.14.6 released 2020-07-16 includes fixes to the go command, the compiler, the linker, vet,...