[El-errata] ELSA-2024-6913 Important: Oracle Linux 9 golang security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Sep 24 15:36:10 UTC 2024
Oracle Linux Security Advisory ELSA-2024-6913
http://linux.oracle.com/errata/ELSA-2024-6913.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
go-toolset-1.21.13-3.el9_4.x86_64.rpm
golang-1.21.13-3.el9_4.x86_64.rpm
golang-bin-1.21.13-3.el9_4.x86_64.rpm
golang-docs-1.21.13-3.el9_4.noarch.rpm
golang-misc-1.21.13-3.el9_4.noarch.rpm
golang-src-1.21.13-3.el9_4.noarch.rpm
golang-tests-1.21.13-3.el9_4.noarch.rpm
aarch64:
go-toolset-1.21.13-3.el9_4.aarch64.rpm
golang-1.21.13-3.el9_4.aarch64.rpm
golang-bin-1.21.13-3.el9_4.aarch64.rpm
golang-docs-1.21.13-3.el9_4.noarch.rpm
golang-misc-1.21.13-3.el9_4.noarch.rpm
golang-src-1.21.13-3.el9_4.noarch.rpm
golang-tests-1.21.13-3.el9_4.noarch.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//golang-1.21.13-3.el9_4.src.rpm
Related CVEs:
CVE-2024-24791
CVE-2024-34155
CVE-2024-34156
CVE-2024-34158
Description of changes:
[1.21.13-3]
- Related: RHEL-58226
[1.21.13-2]
- Rebuild Go with CVE Fixes
- Remove fix-memleak-setupRSA.patch (exists upstream)
- Resolves: RHEL-58226
- Resolves: RHEL-57962
- Resolves: RHEL-57848
- Resolves: RHEL-57865
[1.21.13-1]
- Rebase to Go1.21.13 to pick the fix for CVE-2024-24791
- Technically Go1.21.12 contains the fix for the CVE but there was another
latest release so rebasing to that
- Resolves: RHEL-53547
More information about the El-errata
mailing list