Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-8478

Опубликовано: 04 июн. 2025
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2025-8478: go-toolset:ol8 security update (MODERATE)

delve [1.24.1-1.0.1]

  • Disable DWARF compression which has issues (Alex Burmashev)

golang [1.23.9-1]

  • Update to Go 1.23.9
  • Resolves: RHEL-94636

go-toolset [1.23.9-1]

  • Update to Go 1.23.9
  • Resolves: RHEL-94636

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module go-toolset:ol8 is enabled

delve

1.24.1-1.0.1.module+el8.10.0+90602+3daf471e

go-toolset

1.23.9-1.module+el8.10.0+90602+3daf471e

golang

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-bin

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-docs

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-misc

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-src

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-tests

1.23.9-1.module+el8.10.0+90602+3daf471e

Oracle Linux x86_64

Module go-toolset:ol8 is enabled

delve

1.24.1-1.0.1.module+el8.10.0+90602+3daf471e

go-toolset

1.23.9-1.module+el8.10.0+90602+3daf471e

golang

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-bin

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-docs

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-misc

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-src

1.23.9-1.module+el8.10.0+90602+3daf471e

golang-tests

1.23.9-1.module+el8.10.0+90602+3daf471e

Связанные CVE

CVE-2025-22871

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2025-22871

CVSS3: 9.1
ubuntu
2 месяца назад

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

redhat логотип

CVE-2025-22871

CVSS3: 5.4
redhat
2 месяца назад

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

nvd логотип

CVE-2025-22871

CVSS3: 9.1
nvd
2 месяца назад

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

msrc логотип

CVE-2025-22871

CVSS3: 9.1
msrc
2 месяца назад

Описание отсутствует

debian логотип

CVE-2025-22871

CVSS3: 9.1
debian
2 месяца назад

The net/http package improperly accepts a bare LF as a line terminator ...