CLSA-2025-1748626881

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLSA-2025-1748626881

Upstream

CVE-2024-24789

CVE-2024-9355

Published

2025-05-30T17:41:25Z

Modified

2026-05-27T11:15:54.584196555Z

Summary

golang: Fix of 2 CVEs

Details

CVE-2024-24789: fix zip parsing to reject EOCDR records with truncated comments
CVE-2024-9355: fix HMAC to pass initialized length to EVP_DigestSignFinal, ensuring correct output handling.

References

https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1748626881.html

Affected packages

TuxCare:AlmaLinux:9.2

golang

Package

Name: golang
Purl: pkg:rpm/tuxcare/golang?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.13-1.el9_2.tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json"

golang-bin

Package

Name: golang-bin
Purl: pkg:rpm/tuxcare/golang-bin?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.13-1.el9_2.tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json"

golang-docs

Package

Name: golang-docs
Purl: pkg:rpm/tuxcare/golang-docs?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.13-1.el9_2.tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json"

golang-misc

Package

Name: golang-misc
Purl: pkg:rpm/tuxcare/golang-misc?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.13-1.el9_2.tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json"

golang-race

Package

Name: golang-race
Purl: pkg:rpm/tuxcare/golang-race?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.13-1.el9_2.tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json"

golang-src

Package

Name: golang-src
Purl: pkg:rpm/tuxcare/golang-src?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.13-1.el9_2.tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json"

golang-tests

Package

Name: golang-tests
Purl: pkg:rpm/tuxcare/golang-tests?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.19.13-1.el9_2.tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1748626881.json"