Red Hat Product Errata RHSA-2026:0922 - Security Advisory
Issued:
2026-01-21
Updated:
2026-01-21

RHSA-2026:0922 - Security Advisory

Synopsis

Important: golang security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for golang is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The golang packages provide the Go programming language compiler.

Security Fix(es):

  • crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 10 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 10 s390x
  • Red Hat Enterprise Linux for Power, little endian 10 ppc64le
  • Red Hat Enterprise Linux for ARM 64 10 aarch64

Fixes

  • BZ - 2418462 - CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

Red Hat Enterprise Linux for x86_64 10

SRPM
golang-1.25.5-1.el10_1.src.rpm SHA-256: 3f2eb7f779f2c0b4d2b7b123fab0cffc053374fefd30384985d1ac9be1a6da29
x86_64
go-toolset-1.25.5-1.el10_1.x86_64.rpm SHA-256: e3e7f73a6ae6a4bc89e698cae3ff11ef608c38fa4952364f4fb794092babf9b5
golang-1.25.5-1.el10_1.x86_64.rpm SHA-256: e50f256a872adf204b403bae22cf5eae4670d4183cdfe8985915d08fbf00be15
golang-bin-1.25.5-1.el10_1.x86_64.rpm SHA-256: 1c09952e04c71f77d043da41db4d2d96d58f7f6c6b87138e24b24f13c376d6e3
golang-docs-1.25.5-1.el10_1.noarch.rpm SHA-256: dc63026769d6986aed731b904b25c9a6c65f33997b3d0f0cc0aab4c6030bd029
golang-misc-1.25.5-1.el10_1.noarch.rpm SHA-256: 564a51f2a70cb26c1936107de6225ba172a3d430fac5d3d78fb166217199ad3f
golang-race-1.25.5-1.el10_1.x86_64.rpm SHA-256: 847143611a659b845e89eff083f648356a37b96cc04bd007c3c700d55afedc43
golang-src-1.25.5-1.el10_1.noarch.rpm SHA-256: 94ef7e521f4cf1ad2932e66d1ecf1f0d0e03db04ba18e440acb7204551bf4100
golang-tests-1.25.5-1.el10_1.noarch.rpm SHA-256: 22b52749ae65dafebd8d9a1ccec2b3fd5dc0794a1cdf365cd19af4649848d28c

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
golang-1.25.5-1.el10_1.src.rpm SHA-256: 3f2eb7f779f2c0b4d2b7b123fab0cffc053374fefd30384985d1ac9be1a6da29
s390x
go-toolset-1.25.5-1.el10_1.s390x.rpm SHA-256: c580c79aa9c004eddaaada90322c240d3f4830e76f15f958ea2a84ec8e0407ec
golang-1.25.5-1.el10_1.s390x.rpm SHA-256: c2f3ce280d232c421b2599aa32f188df5032f501e15827dddd7a5b9d45e57630
golang-bin-1.25.5-1.el10_1.s390x.rpm SHA-256: 4abed1fe7bc9435ae7b96f24104437b97f083c2541d4291ef7beada35f390188
golang-docs-1.25.5-1.el10_1.noarch.rpm SHA-256: dc63026769d6986aed731b904b25c9a6c65f33997b3d0f0cc0aab4c6030bd029
golang-misc-1.25.5-1.el10_1.noarch.rpm SHA-256: 564a51f2a70cb26c1936107de6225ba172a3d430fac5d3d78fb166217199ad3f
golang-race-1.25.5-1.el10_1.s390x.rpm SHA-256: 569f67be9fa6aceb5699e63686d2e4b0759f79b7e4a819136ca49281f9145009
golang-src-1.25.5-1.el10_1.noarch.rpm SHA-256: 94ef7e521f4cf1ad2932e66d1ecf1f0d0e03db04ba18e440acb7204551bf4100
golang-tests-1.25.5-1.el10_1.noarch.rpm SHA-256: 22b52749ae65dafebd8d9a1ccec2b3fd5dc0794a1cdf365cd19af4649848d28c

Red Hat Enterprise Linux for Power, little endian 10

SRPM
golang-1.25.5-1.el10_1.src.rpm SHA-256: 3f2eb7f779f2c0b4d2b7b123fab0cffc053374fefd30384985d1ac9be1a6da29
ppc64le
go-toolset-1.25.5-1.el10_1.ppc64le.rpm SHA-256: 97a8dc768cc7e5eab8decc424d3c3564c1526411492182ffe9d4bf4d8ab8dc00
golang-1.25.5-1.el10_1.ppc64le.rpm SHA-256: 96b46753403512668c49947c7ffec0f7540ce0c72f904bf032e6f5ec57ec7cb1
golang-bin-1.25.5-1.el10_1.ppc64le.rpm SHA-256: 78cf9349223fa6913c2d7c503bf9273a49cbe3046c13bfd7ff3a0465c6571993
golang-docs-1.25.5-1.el10_1.noarch.rpm SHA-256: dc63026769d6986aed731b904b25c9a6c65f33997b3d0f0cc0aab4c6030bd029
golang-misc-1.25.5-1.el10_1.noarch.rpm SHA-256: 564a51f2a70cb26c1936107de6225ba172a3d430fac5d3d78fb166217199ad3f
golang-race-1.25.5-1.el10_1.ppc64le.rpm SHA-256: 9b3fc5acbdf4c1eca63a600f7c2a41e8cfaaccf5222b71182d5395f50adaccdf
golang-src-1.25.5-1.el10_1.noarch.rpm SHA-256: 94ef7e521f4cf1ad2932e66d1ecf1f0d0e03db04ba18e440acb7204551bf4100
golang-tests-1.25.5-1.el10_1.noarch.rpm SHA-256: 22b52749ae65dafebd8d9a1ccec2b3fd5dc0794a1cdf365cd19af4649848d28c

Red Hat Enterprise Linux for ARM 64 10

SRPM
golang-1.25.5-1.el10_1.src.rpm SHA-256: 3f2eb7f779f2c0b4d2b7b123fab0cffc053374fefd30384985d1ac9be1a6da29
aarch64
go-toolset-1.25.5-1.el10_1.aarch64.rpm SHA-256: 1b5d405541af358d13beae4c0a296e50a84470634d5d8448a4ab063abcfe94b9
golang-1.25.5-1.el10_1.aarch64.rpm SHA-256: e11506a14acf1c60ae76e7e56a69911212bd5ef56b113fc32615d524703e234b
golang-bin-1.25.5-1.el10_1.aarch64.rpm SHA-256: 249a4e6d4b6573584d6cd44f02a7d083e7caddf58f50d5c4515f55001da42758
golang-docs-1.25.5-1.el10_1.noarch.rpm SHA-256: dc63026769d6986aed731b904b25c9a6c65f33997b3d0f0cc0aab4c6030bd029
golang-misc-1.25.5-1.el10_1.noarch.rpm SHA-256: 564a51f2a70cb26c1936107de6225ba172a3d430fac5d3d78fb166217199ad3f
golang-race-1.25.5-1.el10_1.aarch64.rpm SHA-256: a959e621cdbb7305b9b4823a0c1a631b68d30688b37fdf9400fe2bd2d3dbd49e
golang-src-1.25.5-1.el10_1.noarch.rpm SHA-256: 94ef7e521f4cf1ad2932e66d1ecf1f0d0e03db04ba18e440acb7204551bf4100
golang-tests-1.25.5-1.el10_1.noarch.rpm SHA-256: 22b52749ae65dafebd8d9a1ccec2b3fd5dc0794a1cdf365cd19af4649848d28c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.