Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-22668

Опубликовано: 05 дек. 2025
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2025-22668: go-toolset:rhel8 security update (MODERATE)

delve [1.25.2-1.0.1]

  • Disable DWARF compression which has issues (Alex Burmashev)

[1.25.2-1]

  • Update to Delve 1.25.2 (Sync from CentOS Stream 9)
  • Related: RHEL-121223

golang [1.25.3-1]

  • Update to Go 1.25.3 (sync from CentOS Stream 9)
  • Build go-toolset as a subpackage
  • Preserve GOAMD64=v1 for RHEL 8
  • Resolves: RHEL-121223

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module go-toolset:ol8 is enabled

delve

1.25.2-1.0.1.module+el8.10.0+90715+2d4d8dfd

go-toolset

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-bin

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-docs

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-misc

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-race

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-src

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-tests

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

Oracle Linux x86_64

Module go-toolset:ol8 is enabled

delve

1.25.2-1.0.1.module+el8.10.0+90715+2d4d8dfd

go-toolset

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-bin

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-docs

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-misc

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-race

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-src

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

golang-tests

1.25.3-2.module+el8.10.0+90715+2d4d8dfd

Связанные CVE

CVE-2025-47906
CVE-2025-58183

Ссылки на источники

Связанные уязвимости

rocky логотип

RLSA-2025:22668

rocky
около 1 месяца назад

Moderate: go-toolset:rhel8 security update

ubuntu логотип

CVE-2025-47906

CVSS3: 6.5
ubuntu
4 месяца назад

If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.

nvd логотип

CVE-2025-47906

CVSS3: 6.5
nvd
4 месяца назад

If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.

debian логотип

CVE-2025-47906

CVSS3: 6.5
debian
4 месяца назад

If the PATH environment variable contains paths which are executables ...

ubuntu логотип

CVE-2025-58183

CVSS3: 4.3
ubuntu
3 месяца назад

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.