RHBA-2025:3823 - Bug Fix Advisory

Topic

An updated rhel8/go-toolset container image is now available in the Red Hat container registry.

Description

The rhel8/go-toolset container image provides Go Toolset, a compiler toolset for building applications using the Go language, and compiler suite.

To pull a container image, run one of the following commands as root:

podman pull registry.redhat.io/rhel8/go-toolset (authenticated)
podman pull registry.access.redhat.com/ubi8/go-toolset (unauthenticated)

For information on usage, see Using Go Toolset linked in the References section.

Solution

The container image provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io using the "podman pull" command.

Affected Products

• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for Power, little endian 8 ppc64le
• Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

• BZ - 2341750 - CVE-2024-45341 golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints
• BZ - 2341751 - CVE-2024-45336 golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect
• RHEL-7377 - [Root Cause] Bad permissions on /opt/app-root/src for Openshift

CVEs

(none)

References

• https://catalog.redhat.com/software/containers/search