[CLSA-2025:1748626881] golang: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2025-05-30 17:41:25 UTC
Description:
- CVE-2024-24789: fix zip parsing to reject EOCDR records with truncated comments - CVE-2024-9355: fix HMAC to pass initialized length to EVP_DigestSignFinal, ensuring correct output handling.
Updated packages:
  • golang-1.19.13-1.el9_2.tuxcare.els8.x86_64.rpm
    sha:19addf64bb07632129c448fbbcc89c1365121cb23625b696c92dfb7fbba5bd8f
  • golang-bin-1.19.13-1.el9_2.tuxcare.els8.x86_64.rpm
    sha:7df93356bbabb52464d17c95b57aeb38e7846313cf62691300b035284670fbf6
  • golang-docs-1.19.13-1.el9_2.tuxcare.els8.noarch.rpm
    sha:e7f99a25e45c4e6131634cde46437b0cde1af39fa2894d010b0eaed23ade7a93
  • golang-misc-1.19.13-1.el9_2.tuxcare.els8.noarch.rpm
    sha:caab8c15dbbfeeef02ecabd44fd7294d901f0a1b60a27156a8250b7d0b60c600
  • golang-race-1.19.13-1.el9_2.tuxcare.els8.x86_64.rpm
    sha:7ee324887f996ae5ee4e151854f1d431704bda47ad41862d9caac01a0b7096fe
  • golang-src-1.19.13-1.el9_2.tuxcare.els8.noarch.rpm
    sha:b50a03114e1fbea53d5038ec9ba8e63d0570455cc75834363d275e9e699d60ab
  • golang-tests-1.19.13-1.el9_2.tuxcare.els8.noarch.rpm
    sha:2e430eb4558fe123a2c0da7d60071c08e39c9049883b2ca0ca3330d15207ed98
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.