{"id":"RLSA-2023:3083","summary":"Moderate: go-toolset:Rocky Linux8 security and bug fix update","details":"Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Backport fix for https://github.com/golang/go/issues/56891 (BZ#2167412)\n\n* Update Go to 1.19.6 (BZ#2174430)","modified":"2026-02-05T02:30:09.586897Z","published":"2023-05-18T19:17:56.497129Z","upstream":["CVE-2022-41724","CVE-2022-41725"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2023:3083"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167412"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178488"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178492"}],"affected":[{"package":{"name":"delve","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/delve?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.1-1.module+el8.8.0+1263+19d1a562"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:3083.json"}},{"package":{"name":"golang","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/golang?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.19.6-1.module+el8.8.0+1263+19d1a562"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:3083.json"}},{"package":{"name":"go-toolset","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/go-toolset?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.19.6-1.module+el8.8.0+1263+19d1a562"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:3083.json"}}],"schema_version":"1.7.3","credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}