Описание
ELSA-2025-8476: golang security update (MODERATE)
[1.23.9-1]
- Update to Go 1.23.9
- Remove runtime-usleep-s390x.patch, already merged
- Resolves: RHEL-93212
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
go-toolset
1.23.9-1.el9_6
golang
1.23.9-1.el9_6
golang-bin
1.23.9-1.el9_6
golang-docs
1.23.9-1.el9_6
golang-misc
1.23.9-1.el9_6
golang-race
1.23.9-1.el9_6
golang-src
1.23.9-1.el9_6
golang-tests
1.23.9-1.el9_6
Oracle Linux x86_64
go-toolset
1.23.9-1.el9_6
golang
1.23.9-1.el9_6
golang-bin
1.23.9-1.el9_6
golang-docs
1.23.9-1.el9_6
golang-misc
1.23.9-1.el9_6
golang-race
1.23.9-1.el9_6
golang-src
1.23.9-1.el9_6
golang-tests
1.23.9-1.el9_6
Связанные CVE
Связанные уязвимости
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator ...