- Issued:
- 2025-07-09
- Updated:
- 2025-07-09
RHSA-2025:10672 - Security Advisory
Synopsis
Moderate: go-toolset:rhel8 security update
Type/Severity
Security Advisory: Moderate
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
- net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
Fixes
- BZ - 2373305 - CVE-2025-4673 net/http: Sensitive headers not cleared on cross-origin redirect in net/http
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 8
| SRPM | |
|---|---|
| delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm | SHA-256: f2cc1f7ce0ff833db04bb5b97d495bebb38525cf034f0ac7d5abbffd3468bd04 |
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: c52e4c74a9db242944a85ebd33714a67d2c14760ae4c3adf54d3fc7644066bd2 |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: 6f258e154b1307b43f778c49eb5cc260f79dd8277cb9fa1d8390dc6d6cd62ee1 |
| x86_64 | |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm | SHA-256: 5882a0cfa7eb18396621d8783f062a506ae6977d9a5a29e9c05ae7e5fd93dc8a |
| delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm | SHA-256: 0eebebbed117c0b0e191bb086b8785f0ff982d89717733d2a711bcf66a0f7176 |
| delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm | SHA-256: fc3f176322bdd65942d986bb5da347e89c7392164ea225ef522905e9452d37a2 |
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm | SHA-256: 0e1741aafa9009fc597619639ff7cce5dde48d2a5a1e7fa6dfe68c9ed8676ec2 |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm | SHA-256: 6a4b1771660ea892989bb114c645ddedf9647f20c0908925516279be322cf927 |
| golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm | SHA-256: 29ac9dd72b6e93bbbc2a678ddbaa9c28dbadedff5a5c8205424b0e523168382c |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
Red Hat Enterprise Linux for IBM z Systems 8
| SRPM | |
|---|---|
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: c52e4c74a9db242944a85ebd33714a67d2c14760ae4c3adf54d3fc7644066bd2 |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: 6f258e154b1307b43f778c49eb5cc260f79dd8277cb9fa1d8390dc6d6cd62ee1 |
| s390x | |
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm | SHA-256: b25d629714b48e09bdd3db8a3e04b652f739bf2a3020e7317c7b3901d108c3c0 |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm | SHA-256: 2516f4b09c034bbcf1f045e792ebfa96cef107adbe962822f02ac47513b438e3 |
| golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm | SHA-256: efee06c52893b768103ffc390769c21f435b793809191966a3f8db6d86ec8121 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
Red Hat Enterprise Linux for Power, little endian 8
| SRPM | |
|---|---|
| delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm | SHA-256: f2cc1f7ce0ff833db04bb5b97d495bebb38525cf034f0ac7d5abbffd3468bd04 |
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: c52e4c74a9db242944a85ebd33714a67d2c14760ae4c3adf54d3fc7644066bd2 |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: 6f258e154b1307b43f778c49eb5cc260f79dd8277cb9fa1d8390dc6d6cd62ee1 |
| ppc64le | |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm | SHA-256: 65c9cfbedd22a0a4c00e0cbc2b3674e259c5233937e7292f72b009b4eb882e4b |
| delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm | SHA-256: 7259c25a4280b9d2d914697a4692e59a40de21cf74d3ef63af7351724098094b |
| delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm | SHA-256: f7e2adc3bf71a3a4b2d1183a746307db9d3884b4915f8dfbb9a30a3ebbedb5eb |
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm | SHA-256: db46da33cf2274498d445090bdd6ee8c19d2085ef02b12ea3072278df687249c |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm | SHA-256: ea22f26ec00f02b617cbfcfe11e794121c78f9fa9dc59d61cf998401fcc40bdb |
| golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm | SHA-256: 94cb4c463636d2e5c40eefde742c20085008f83f65eac509166b7cd7342a4ab2 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
Red Hat Enterprise Linux for ARM 64 8
| SRPM | |
|---|---|
| delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm | SHA-256: f2cc1f7ce0ff833db04bb5b97d495bebb38525cf034f0ac7d5abbffd3468bd04 |
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: c52e4c74a9db242944a85ebd33714a67d2c14760ae4c3adf54d3fc7644066bd2 |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm | SHA-256: 6f258e154b1307b43f778c49eb5cc260f79dd8277cb9fa1d8390dc6d6cd62ee1 |
| aarch64 | |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
| delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm | SHA-256: 99335542a8129ded4ecd8a2f6f23c70cd5503468c58dd461bdf47ae1e55ab086 |
| delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm | SHA-256: 0403dc76b309407f7f05c32f0cff54ef34607fcb2eb46e65b6f379428202f07f |
| delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm | SHA-256: 45f6715a8c2e817b385a5c7a94bd75580307a73fdc47cb8a935926250ca91fd3 |
| go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm | SHA-256: 29101b837bbdd2811b618773b7149f112e44612ebeffe2d7d13d2a47736567e9 |
| golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm | SHA-256: 2e5aca204b428b9c2113d044ed10211cb434a75a328d7d59baf511d9484edeb4 |
| golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm | SHA-256: d1b1776dd0717ed813ba0286d61b25351b3f47099200aa0b72c498ca7982f5d7 |
| golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: dd5937d367c0c4305b0eb51ce77c6e0b398238fea5426e18ade5d0cbec483af3 |
| golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: fda943457eef7f8f308b88dee10a72e7f01177ccb5fa3f1ad82f3848a9e0e7af |
| golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 575d76ec250ee0662d69fdbc7f3946ee4988b44df2a3defc9ea66e43e325733e |
| golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm | SHA-256: 1a875cd71e82f4c799339d0a893e5de808c22308525b3609f7c95b97d80bbb03 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
