77 matches found
RLSA-2026:29980 Moderate: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version 1.26.4+1 rhel-10.2.z JIRA:Rocky Linux-183347 For more detail...
golang security, bug fix, and enhancement update
An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...
RLSA-2026:29981 Moderate: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version 1.26.4+1 rhel-9.8.z JIRA:Rocky Linux-183350 For more details...
golang security, bug fix, and enhancement update
An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...
net/textproto: golang: Golang net/textproto: Misleading error messages via input injection
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update
An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update
An update for golang is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
net/textproto: golang: Golang net/textproto: Misleading error messages via input injection
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
ALSA-2026:29980 Moderate: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version 1.26.4+1 almalinux-10.2.z JIRA:AlmaLinux-183347 For more...
ALSA-2026:29981 Moderate: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version 1.26.4+1 almalinux-9.8.z JIRA:AlmaLinux-183350 For more...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1878)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1878 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...
Amazon Linux 2023 : golang-github-burntsushi-toml-test, golang-github-burntsushi-toml-test-devel (ALAS2023-2026-1876)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1876 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...
CVE-2026-42507
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
OPENSUSE-SU-2026:20977-1 Security update for go1.25
This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...
SUSE-SU-2026:22154-1 Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...
SUSE SLED15 / SLES15 Security Update : go1.25 (SUSE-SU-2026:2326-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2326-1 advisory. This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: - CVE-2026-27145: crypto/x50...
SUSE SLED15 / SLES15 Security Update : go1.26 (SUSE-SU-2026:2327-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2327-1 advisory. This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509...
SUSE-SU-2026:2327-1 Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...
Security update for go1.25
This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are...
SUSE-SU-2026:2326-1 Security update for go1.25
This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...