Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2026:8840

Опубликовано: 21 апр. 2026
Источник: rocky
Оценка: Important

Описание

Important: go-rpm-macros security update

This package provides build-stage rpm automation to simplify the creation of Go language (golang) packages. It does not need to be included in the default build root: go-srpm-macros will pull it in for Go packages only.

Security Fix(es):

  • net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 10

НаименованиеАрхитектураРелизRPM
go-filesystemx86_648.el10_1go-filesystem-3.6.0-8.el10_1.x86_64.rpm
go-srpm-macrosnoarch8.el10_1go-srpm-macros-3.6.0-8.el10_1.noarch.rpm
go-rpm-macrosx86_648.el10_1go-rpm-macros-3.6.0-8.el10_1.x86_64.rpm
go-rpm-templatesx86_648.el10_1go-rpm-templates-3.6.0-8.el10_1.x86_64.rpm

Показывать по

Связанные CVE

CVE-2026-25679

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2026-25679

CVSS3: 7.5
ubuntu
4 месяца назад

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

redhat логотип

CVE-2026-25679

CVSS3: 7.5
redhat
4 месяца назад

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

nvd логотип

CVE-2026-25679

CVSS3: 7.5
nvd
4 месяца назад

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

msrc логотип

CVE-2026-25679

msrc
4 месяца назад

Incorrect parsing of IPv6 host literals in net/url

debian логотип

CVE-2026-25679

CVSS3: 7.5
debian
4 месяца назад

url.Parse insufficiently validated the host/authority component and ac ...