(RHSA-2024:4212) Moderate: golang security update

2024-07-0200:13:40

access.redhat.com

rhsa-2024-4212

golang

security update

compiler

zip files

netip

ipv4-mapped ipv6 addresses

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

JSON

The golang packages provide the Go programming language compiler.

Security Fix(es):

golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9noarchgolang-tests< 1.21.11-1.el9_4golang-tests-1.21.11-1.el9_4.noarch.rpm
RedHat9s390xgo-toolset< 1.21.11-1.el9_4go-toolset-1.21.11-1.el9_4.s390x.rpm
RedHat9s390xgolang< 1.21.11-1.el9_4golang-1.21.11-1.el9_4.s390x.rpm
RedHat9aarch64golang< 1.21.11-1.el9_4golang-1.21.11-1.el9_4.aarch64.rpm
RedHat9x86_64go-toolset< 1.21.11-1.el9_4go-toolset-1.21.11-1.el9_4.x86_64.rpm
RedHat9noarchgolang-src< 1.21.11-1.el9_4golang-src-1.21.11-1.el9_4.noarch.rpm
RedHat9aarch64go-toolset< 1.21.11-1.el9_4go-toolset-1.21.11-1.el9_4.aarch64.rpm
RedHat9ppc64legolang< 1.21.11-1.el9_4golang-1.21.11-1.el9_4.ppc64le.rpm
RedHat9x86_64golang< 1.21.11-1.el9_4golang-1.21.11-1.el9_4.x86_64.rpm
RedHat9ppc64lego-toolset< 1.21.11-1.el9_4go-toolset-1.21.11-1.el9_4.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	noarch	golang-tests	< 1.21.11-1.el9_4	golang-tests-1.21.11-1.el9_4.noarch.rpm
RedHat	9	s390x	go-toolset	< 1.21.11-1.el9_4	go-toolset-1.21.11-1.el9_4.s390x.rpm
RedHat	9	s390x	golang	< 1.21.11-1.el9_4	golang-1.21.11-1.el9_4.s390x.rpm
RedHat	9	aarch64	golang	< 1.21.11-1.el9_4	golang-1.21.11-1.el9_4.aarch64.rpm
RedHat	9	x86_64	go-toolset	< 1.21.11-1.el9_4	go-toolset-1.21.11-1.el9_4.x86_64.rpm
RedHat	9	noarch	golang-src	< 1.21.11-1.el9_4	golang-src-1.21.11-1.el9_4.noarch.rpm
RedHat	9	aarch64	go-toolset	< 1.21.11-1.el9_4	go-toolset-1.21.11-1.el9_4.aarch64.rpm
RedHat	9	ppc64le	golang	< 1.21.11-1.el9_4	golang-1.21.11-1.el9_4.ppc64le.rpm
RedHat	9	x86_64	golang	< 1.21.11-1.el9_4	golang-1.21.11-1.el9_4.x86_64.rpm
RedHat	9	ppc64le	go-toolset	< 1.21.11-1.el9_4	go-toolset-1.21.11-1.el9_4.ppc64le.rpm