9 matches found
Security update for helm (important)
openSUSE security update: security update for helm ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20994-1 Rating: important References: bsc1266598 Cross-References: CVE-2026-39821 CVSS scores: CVE-2026-39821 SUSE : 7.4...
SUSE-SU-2026:22233-1 Security update for helm
This update for helm fixes the following issue - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation bsc1266598. Changes for helm: - Update to version 3.21.1: Fixed nil pointer panic that could happen wi...
CLSA-2026-1778254382 buildah: Fix of CVE-2026-25679
rebuild on tuxcare9.6esu with newer golang version 1.25.7-1.el96.tuxcare.els2 to fix the following CVE: - CVE-2026-25679: fix insufficient validation of host/authority component in url.Parse - split golang BuildRequires by .el96 so each ELS platform pulls its own fixed golang version el96 -...
Oracle Linux 9 : git-lfs (ELSA-2026-3928)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3928 advisory. 3.6.1-7 - Rebuild with new Golang - Resolves: RHEL-146860, RHEL-149620 3.6.1-6 - Rebuild with new Golang - Resolves: RHEL-147080 3.6.1-5 - Rebuild with...
CLSA-2025-1764692266 buildah: Fix of 4 CVEs
Update buildah to 1.39.6 - CVE-2025-52881: fix runc vulnerability by updating to runc v1.2.8 - Update golang dependency to 1.22.9.tuxcare.els1 - Remove patches for fixes included in upstream CVE-2024-9341, CVE-2024-9407, CVE-2025-27144...
CVE-2022-30631 affecting package golang 1.18.3-1
CVE-2022-30631 affecting package golang 1.18.3-1. An upgraded version of the package is available that resolves this issue...
RLSA-2021:3076 Moderate: go-toolset:rhel8 security, bug fix, and enhancement update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: golang 1.15.14. BZ1982287 Security Fixes: golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a cust...
CVE-2020-28366 affecting package golang 1.13.15-2
CVE-2020-28366 affecting package golang 1.13.15-2. An upgraded version of the package is available that resolves this issue...
Debian DLA-1123-1 : golang security update
It was discovered that there was an issue in the Go programming language library where an attacker could generate a MIME request such that the server ran out of file descriptors. For Debian 7 'Wheezy', this issue has been fixed in golang version 2:1.0.2-1.1+deb7u1. We recommend that you upgrade...