ELSA-2025-7466

Опубликовано: 27 июн. 2025

Источник: oracle-oval

Платформа: Oracle Linux 10

Описание

ELSA-2025-7466: delve and golang security update (MODERATE)

delve [1.24.1-1.0.1]

Disable DWARF compression which has issues (Alex Burmashev)

[1.24.1-1]

Update Delve to 1.24.1

[1.22.1-6]

plans/ci.fmf: Update repo

golang [1.23.7-1]

Update to 1.23.7
golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341)
golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

delve

1.24.1-1.0.1.el10_0

go-toolset

1.23.7-1.el10_0

golang

1.23.7-1.el10_0

golang-bin

1.23.7-1.el10_0

golang-docs

1.23.7-1.el10_0

golang-misc

1.23.7-1.el10_0

golang-src

1.23.7-1.el10_0

golang-tests

1.23.7-1.el10_0

Oracle Linux x86_64

delve

1.24.1-1.0.1.el10_0

go-toolset

1.23.7-1.el10_0

golang

1.23.7-1.el10_0

golang-bin

1.23.7-1.el10_0

golang-docs

1.23.7-1.el10_0

golang-misc

1.23.7-1.el10_0

golang-src

1.23.7-1.el10_0

golang-tests

1.23.7-1.el10_0

Связанные CVE

CVE-2025-22866

CVE-2024-45341

CVE-2024-45336

Ссылки на источники

Связанные уязвимости

SUSE-SU-2025:1555-1

suse-cvrf

3 месяца назад

Security update for go1.22-openssl

SUSE-SU-2025:01731-1

suse-cvrf

2 месяца назад

Security update for go1.23-openssl

SUSE-SU-2025:0281-1

suse-cvrf

6 месяцев назад

Security update for go1.22

SUSE-SU-2025:0280-1

suse-cvrf

6 месяцев назад

Security update for go1.23

ROS-20250212-16

CVSS3: 6.1

redos

6 месяцев назад

Множественные уязвимости golang