Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2020:0101 - Security Advisory
Issued:
2020-01-14
Updated:
2020-01-14

RHSA-2020:0101 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: go-toolset-1.12-golang security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for go-toolset-1.12 and go-toolset-1.12-golang is now available for Red Hat Developer Tools.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

The following packages have been upgraded to a later upstream version: go-toolset-1.12-golang (1.12.12). (BZ#1759840, BZ#1785389)

Security Fix(es):

  • golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling (CVE-2019-16276)
  • golang: invalid public key causes panic in dsa.Verify (CVE-2019-17596)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Developer Tools (for RHEL Workstation) 1 x86_64
  • Red Hat Developer Tools (for RHEL Server) 1 x86_64
  • Red Hat Developer Tools (for RHEL Server for System Z) 1 s390x
  • Red Hat Developer Tools (for RHEL Server for IBM Power LE) 1 ppc64le

Fixes

  • BZ - 1755969 - CVE-2019-16276 golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling
  • BZ - 1763310 - CVE-2019-17596 golang: invalid public key causes panic in dsa.Verify

CVEs

  • CVE-2019-16276
  • CVE-2019-17596

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Developer Tools (for RHEL Workstation) 1

SRPM
go-toolset-1.12-1.12.12-4.el7.src.rpm SHA-256: 811727726b8e36119fcb579f4154c9c0f13f4787ae99aea885830798eaac80e7
go-toolset-1.12-golang-1.12.12-4.el7.src.rpm SHA-256: 9b9eb3a39e9d49be13d41b0594a5eca345ebfa1e52f4154acba43d4475621b33
x86_64
go-toolset-1.12-1.12.12-4.el7.x86_64.rpm SHA-256: 9bb32f4182e7321e472e0b31cdefb8434f45087af74c4e9d73d48e8fd83e8482
go-toolset-1.12-build-1.12.12-4.el7.x86_64.rpm SHA-256: 4661ac6d385b2132c272cf5489fd50717765c8ae27555c033a877b0273458fed
go-toolset-1.12-golang-1.12.12-4.el7.x86_64.rpm SHA-256: a96a274f3fb02e7bacbdde59eb50cd30b11e9d6a8cb54db125c14f787edf10f5
go-toolset-1.12-golang-bin-1.12.12-4.el7.x86_64.rpm SHA-256: 76936c9f6dd48642d93649632a13b510a51eb3bbd2124f86797ed80fac30e7ea
go-toolset-1.12-golang-docs-1.12.12-4.el7.noarch.rpm SHA-256: a0217441b57903ae7f65043d700d95eb5d011c048721e3631ef7c7ab9e1cc92b
go-toolset-1.12-golang-misc-1.12.12-4.el7.x86_64.rpm SHA-256: 39a011a37f907042e5a68cee9e1a6280ec268e46dd2654d147fb7bcf672e3542
go-toolset-1.12-golang-race-1.12.12-4.el7.x86_64.rpm SHA-256: 00476a49ea5974cc3e9b1c1dce44d1bd69d099f261ccfcdeb31e746141959528
go-toolset-1.12-golang-src-1.12.12-4.el7.x86_64.rpm SHA-256: 4e8b421edfdb3e7df0e10fc2a4cc6711bf068e5a6b9c0ded315ddb050f8b23bc
go-toolset-1.12-golang-tests-1.12.12-4.el7.x86_64.rpm SHA-256: a6bbd4a6054b9a26473cf33cc529363a3507e99fb25559772cf5da8e89fe5ba5
go-toolset-1.12-runtime-1.12.12-4.el7.x86_64.rpm SHA-256: 2dffc8a21f0ca2bde29253cc3ec4634a33d3776f67f230bef55c862e463bd47f

Red Hat Developer Tools (for RHEL Server) 1

SRPM
go-toolset-1.12-1.12.12-4.el7.src.rpm SHA-256: 811727726b8e36119fcb579f4154c9c0f13f4787ae99aea885830798eaac80e7
go-toolset-1.12-golang-1.12.12-4.el7.src.rpm SHA-256: 9b9eb3a39e9d49be13d41b0594a5eca345ebfa1e52f4154acba43d4475621b33
x86_64
go-toolset-1.12-1.12.12-4.el7.x86_64.rpm SHA-256: 9bb32f4182e7321e472e0b31cdefb8434f45087af74c4e9d73d48e8fd83e8482
go-toolset-1.12-build-1.12.12-4.el7.x86_64.rpm SHA-256: 4661ac6d385b2132c272cf5489fd50717765c8ae27555c033a877b0273458fed
go-toolset-1.12-golang-1.12.12-4.el7.x86_64.rpm SHA-256: a96a274f3fb02e7bacbdde59eb50cd30b11e9d6a8cb54db125c14f787edf10f5
go-toolset-1.12-golang-bin-1.12.12-4.el7.x86_64.rpm SHA-256: 76936c9f6dd48642d93649632a13b510a51eb3bbd2124f86797ed80fac30e7ea
go-toolset-1.12-golang-docs-1.12.12-4.el7.noarch.rpm SHA-256: a0217441b57903ae7f65043d700d95eb5d011c048721e3631ef7c7ab9e1cc92b
go-toolset-1.12-golang-misc-1.12.12-4.el7.x86_64.rpm SHA-256: 39a011a37f907042e5a68cee9e1a6280ec268e46dd2654d147fb7bcf672e3542
go-toolset-1.12-golang-race-1.12.12-4.el7.x86_64.rpm SHA-256: 00476a49ea5974cc3e9b1c1dce44d1bd69d099f261ccfcdeb31e746141959528
go-toolset-1.12-golang-src-1.12.12-4.el7.x86_64.rpm SHA-256: 4e8b421edfdb3e7df0e10fc2a4cc6711bf068e5a6b9c0ded315ddb050f8b23bc
go-toolset-1.12-golang-tests-1.12.12-4.el7.x86_64.rpm SHA-256: a6bbd4a6054b9a26473cf33cc529363a3507e99fb25559772cf5da8e89fe5ba5
go-toolset-1.12-runtime-1.12.12-4.el7.x86_64.rpm SHA-256: 2dffc8a21f0ca2bde29253cc3ec4634a33d3776f67f230bef55c862e463bd47f

Red Hat Developer Tools (for RHEL Server for System Z) 1

SRPM
go-toolset-1.12-1.12.12-4.el7.src.rpm SHA-256: 811727726b8e36119fcb579f4154c9c0f13f4787ae99aea885830798eaac80e7
go-toolset-1.12-golang-1.12.12-4.el7.src.rpm SHA-256: 9b9eb3a39e9d49be13d41b0594a5eca345ebfa1e52f4154acba43d4475621b33
s390x
go-toolset-1.12-1.12.12-4.el7.s390x.rpm SHA-256: 0754c51c685ea4d75d9a7f510f2d2b13d41f83da563dc21c087d75d9c0b4f1a9
go-toolset-1.12-build-1.12.12-4.el7.s390x.rpm SHA-256: c6720bf3f4d8b57bcd1270237568fc1e0c4c2cadb9fa5d49d8996f3eb80752c9
go-toolset-1.12-golang-1.12.12-4.el7.s390x.rpm SHA-256: 79f1be030ff9aba828b21048b54e862032ff13fea43e6f266d9927a3ac6a3899
go-toolset-1.12-golang-bin-1.12.12-4.el7.s390x.rpm SHA-256: 302f88781402feff95f2cc4afb8d8de80684f47342dc6b0c25136c42fbd2e91c
go-toolset-1.12-golang-docs-1.12.12-4.el7.noarch.rpm SHA-256: a0217441b57903ae7f65043d700d95eb5d011c048721e3631ef7c7ab9e1cc92b
go-toolset-1.12-golang-misc-1.12.12-4.el7.s390x.rpm SHA-256: a96eabb947798dd72db295e0c494cde141e2497de3b547a606dd0a6ce541626d
go-toolset-1.12-golang-src-1.12.12-4.el7.s390x.rpm SHA-256: 3e517453626442ec32fa8a0045f1d3d641dbfe83743ebe5bf977c754b525a310
go-toolset-1.12-golang-tests-1.12.12-4.el7.s390x.rpm SHA-256: 9f43f4ce27920a1c86681dc72c000639f1b48822e540487e75967536014f942e
go-toolset-1.12-runtime-1.12.12-4.el7.s390x.rpm SHA-256: 5d6b20b3c006e0cf157282cf7c5a1c267878f0b94c31794ccac2d8691bb44a38

Red Hat Developer Tools (for RHEL Server for IBM Power LE) 1

SRPM
go-toolset-1.12-1.12.12-4.el7.src.rpm SHA-256: 811727726b8e36119fcb579f4154c9c0f13f4787ae99aea885830798eaac80e7
go-toolset-1.12-golang-1.12.12-4.el7.src.rpm SHA-256: 9b9eb3a39e9d49be13d41b0594a5eca345ebfa1e52f4154acba43d4475621b33
ppc64le
go-toolset-1.12-1.12.12-4.el7.ppc64le.rpm SHA-256: 2aa2bed195cac8d377f4bd711eefb63ac0e0d69a5c8b91232756d114f6eb1d7a
go-toolset-1.12-build-1.12.12-4.el7.ppc64le.rpm SHA-256: 3a73b56d6c50549d11477d6f8b8ff201f6bd27b4717322363c754686af7bb55d
go-toolset-1.12-golang-1.12.12-4.el7.ppc64le.rpm SHA-256: 85e1bc26425be7a4a6f648c43befc78f47741f43bae8dac78b82ffbc1ef7867f
go-toolset-1.12-golang-bin-1.12.12-4.el7.ppc64le.rpm SHA-256: 2d42bcb92ad39858294d1dc7318aa7e421be4b3b0e78e72dab28e94c1eaa515c
go-toolset-1.12-golang-docs-1.12.12-4.el7.noarch.rpm SHA-256: a0217441b57903ae7f65043d700d95eb5d011c048721e3631ef7c7ab9e1cc92b
go-toolset-1.12-golang-misc-1.12.12-4.el7.ppc64le.rpm SHA-256: f74ec83dec4840a9c95b854dc51ef3e0bd0297387f5dc2323340c2aec8f44309
go-toolset-1.12-golang-src-1.12.12-4.el7.ppc64le.rpm SHA-256: 7c7d3dfccfefce6eccc62ef2922aaa3643c25f5865b79f96719748eb37521475
go-toolset-1.12-golang-tests-1.12.12-4.el7.ppc64le.rpm SHA-256: d6149186d56378326b43f0c17cf73d906269cf108e6cd8041010ee0fa0c28838
go-toolset-1.12-runtime-1.12.12-4.el7.ppc64le.rpm SHA-256: 8217ccd5b684031c6373c428890829f55fb3a5fc522058a0cc1c2bf4792d432d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility