RHSA-2021:5176: Red Hat Security Advisory: go-toolset-1.16 and go-toolset-1.16-golang security and bug fix update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus
• Red Hat CodeReady Studio

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2021-12-16

Updated:

2021-12-16

RHSA-2021:5176 - Security Advisory

• Overview
• Updated Packages

Synopsis

Important: go-toolset-1.16 and go-toolset-1.16-golang security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for go-toolset-1.16 and go-toolset-1.16-golang is now available for Red Hat Developer Tools.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

Security Fix(es):

• golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
• golang: syscall: don’t close fd 0 on ForkExec error (CVE-2021-44717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Rebase Go to 1.16.12 [devtools-2021.4.z] (BZ#2031148)

Affected Products

• Red Hat Developer Tools (for RHEL Workstation) 1 x86_64
• Red Hat Developer Tools (for RHEL Server) 1 x86_64
• Red Hat Developer Tools (for RHEL Server for System Z) 1 s390x
• Red Hat Developer Tools (for RHEL Server for IBM Power LE) 1 ppc64le

Fixes

• BZ - 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
• BZ - 2030806 - CVE-2021-44717 golang: syscall: don’t close fd 0 on ForkExec error

References

• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en-us/red_hat_developer_tools/1/html/using_go_1.16.6_toolset

Red Hat Developer Tools (for RHEL Workstation) 1

SRPM

go-toolset-1.16-1.16.12-1.el7_9.src.rpm

SHA-256: f9653b447307b3e4e3aee8a30d6d42b015470e2f840d4f58887cbd903e106c0b

go-toolset-1.16-golang-1.16.12-1.el7_9.src.rpm

SHA-256: f527282bd382da74d54bed7510dfb9a5a05efcbd3f8ca7af76d2e7becdb16c44

x86_64

go-toolset-1.16-1.16.12-1.el7_9.x86_64.rpm

SHA-256: e630499b2d40feacfc5baef92e09c8f8872ad6960c543e749fce05b433d0913c

go-toolset-1.16-build-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 09dfa037e67a2642690b5296f12d2d5acdf7c66a428e4218729925b5a18105da

go-toolset-1.16-golang-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 7c700528c81fe115f96d4cf5de4f66729cd5fd753ca3f7a06af002c5fb6c90d1

go-toolset-1.16-golang-bin-1.16.12-1.el7_9.x86_64.rpm

SHA-256: fc8d9f6c48ff5372b4a48f4e743f99026b7c2a2c93ad5fd776c07533e0bcdd43

go-toolset-1.16-golang-docs-1.16.12-1.el7_9.noarch.rpm

SHA-256: 5573a2e1d8315ee5a6260af478d08d32f34440ef8b83d84c367b96fc095ed617

go-toolset-1.16-golang-misc-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 157b23c8efb60fe32df96d74bbc5ae63261ec67600d1fdd445886b7f1bb5d812

go-toolset-1.16-golang-race-1.16.12-1.el7_9.x86_64.rpm

SHA-256: a9839d5452d4b1d69f5760275b99bd41798922e8a10e04f680a41be795ebec38

go-toolset-1.16-golang-src-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 1ef4607d5aa0b9f59347a6f6e433cfedae37452c43b334ad5bfb1c901df15b4c

go-toolset-1.16-golang-tests-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 0906f4e1616a73208259e20fc61ba44ece0b388cef897f73d32ebc0c20bdde72

go-toolset-1.16-runtime-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 49f665930a15799f59bd885e740be94cc484cd093494eda7e27ea5f9b23da539

go-toolset-1.16-scldevel-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 7050746eae71b16339fc430634bd5e662f4f0e122d8a9dd35ab0d3150b2e6244

Red Hat Developer Tools (for RHEL Server) 1

SRPM

go-toolset-1.16-1.16.12-1.el7_9.src.rpm

SHA-256: f9653b447307b3e4e3aee8a30d6d42b015470e2f840d4f58887cbd903e106c0b

go-toolset-1.16-golang-1.16.12-1.el7_9.src.rpm

SHA-256: f527282bd382da74d54bed7510dfb9a5a05efcbd3f8ca7af76d2e7becdb16c44

x86_64

go-toolset-1.16-1.16.12-1.el7_9.x86_64.rpm

SHA-256: e630499b2d40feacfc5baef92e09c8f8872ad6960c543e749fce05b433d0913c

go-toolset-1.16-build-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 09dfa037e67a2642690b5296f12d2d5acdf7c66a428e4218729925b5a18105da

go-toolset-1.16-golang-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 7c700528c81fe115f96d4cf5de4f66729cd5fd753ca3f7a06af002c5fb6c90d1

go-toolset-1.16-golang-bin-1.16.12-1.el7_9.x86_64.rpm

SHA-256: fc8d9f6c48ff5372b4a48f4e743f99026b7c2a2c93ad5fd776c07533e0bcdd43

go-toolset-1.16-golang-docs-1.16.12-1.el7_9.noarch.rpm

SHA-256: 5573a2e1d8315ee5a6260af478d08d32f34440ef8b83d84c367b96fc095ed617

go-toolset-1.16-golang-misc-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 157b23c8efb60fe32df96d74bbc5ae63261ec67600d1fdd445886b7f1bb5d812

go-toolset-1.16-golang-race-1.16.12-1.el7_9.x86_64.rpm

SHA-256: a9839d5452d4b1d69f5760275b99bd41798922e8a10e04f680a41be795ebec38

go-toolset-1.16-golang-src-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 1ef4607d5aa0b9f59347a6f6e433cfedae37452c43b334ad5bfb1c901df15b4c

go-toolset-1.16-golang-tests-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 0906f4e1616a73208259e20fc61ba44ece0b388cef897f73d32ebc0c20bdde72

go-toolset-1.16-runtime-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 49f665930a15799f59bd885e740be94cc484cd093494eda7e27ea5f9b23da539

go-toolset-1.16-scldevel-1.16.12-1.el7_9.x86_64.rpm

SHA-256: 7050746eae71b16339fc430634bd5e662f4f0e122d8a9dd35ab0d3150b2e6244

Red Hat Developer Tools (for RHEL Server for System Z) 1

SRPM

go-toolset-1.16-1.16.12-1.el7_9.src.rpm

SHA-256: f9653b447307b3e4e3aee8a30d6d42b015470e2f840d4f58887cbd903e106c0b

go-toolset-1.16-golang-1.16.12-1.el7_9.src.rpm

SHA-256: f527282bd382da74d54bed7510dfb9a5a05efcbd3f8ca7af76d2e7becdb16c44

s390x

go-toolset-1.16-1.16.12-1.el7_9.s390x.rpm

SHA-256: 29f02c38b345325e405bb9fae8dbb8f5376d64d82641335559d848e18586f6a8

go-toolset-1.16-build-1.16.12-1.el7_9.s390x.rpm

SHA-256: c7a250251dab569a297423c8c9a09b61093611deec278f3289ca7cd201fbb9f5

go-toolset-1.16-golang-1.16.12-1.el7_9.s390x.rpm

SHA-256: da69a44e3e1576530df87680e198491b4daab0be6b5b5be754c8d95643bd41a6

go-toolset-1.16-golang-bin-1.16.12-1.el7_9.s390x.rpm

SHA-256: b8dd3cfdd3a5f152dcce296b0f78da81a30add7c7d8d9bd13e6a48415a8014a2

go-toolset-1.16-golang-docs-1.16.12-1.el7_9.noarch.rpm

SHA-256: 5573a2e1d8315ee5a6260af478d08d32f34440ef8b83d84c367b96fc095ed617

go-toolset-1.16-golang-misc-1.16.12-1.el7_9.s390x.rpm

SHA-256: 9b00cc5d84d29fb90e393a75174d9807d7790d7afebd95184dcee5c4c58e78f5

go-toolset-1.16-golang-src-1.16.12-1.el7_9.s390x.rpm

SHA-256: ed2f449c63047cf90934a486d152d852e1c9fc730823bac3b8ff65aba307f248

go-toolset-1.16-golang-tests-1.16.12-1.el7_9.s390x.rpm

SHA-256: f8b1fe38218fe3cc934fa24a7af5cdf9fc54d73d50548c3c556f622c6fa94a05

go-toolset-1.16-runtime-1.16.12-1.el7_9.s390x.rpm

SHA-256: b25adecddb4917db0f17cf9df3c82463ac2323aaf22c8310a8857f5367e9e1b7

go-toolset-1.16-scldevel-1.16.12-1.el7_9.s390x.rpm

SHA-256: 66985efbbe7e033621fc32952fc5f45e8cf940ca668408f0bb0614619763a252

Red Hat Developer Tools (for RHEL Server for IBM Power LE) 1

SRPM

go-toolset-1.16-1.16.12-1.el7_9.src.rpm

SHA-256: f9653b447307b3e4e3aee8a30d6d42b015470e2f840d4f58887cbd903e106c0b

go-toolset-1.16-golang-1.16.12-1.el7_9.src.rpm

SHA-256: f527282bd382da74d54bed7510dfb9a5a05efcbd3f8ca7af76d2e7becdb16c44

ppc64le

go-toolset-1.16-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: cd7ddd054bb4a12d0208285223a27f6179d36d019465abdb48e32dd9e70bdc86

go-toolset-1.16-build-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: cfdf37b0f6abdb7cbe7ddb9e364cd41eb5e9465ba44820f0dfabc1a87c55f2dc

go-toolset-1.16-golang-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: 6bad5c232950fb603446e069113d14740067104c4b0272ac1b94964516ceb745

go-toolset-1.16-golang-bin-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: c961a25614c76ebbdc4db3776be1a5276570514310c271d9b938b84cd92afa0f

go-toolset-1.16-golang-docs-1.16.12-1.el7_9.noarch.rpm

SHA-256: 5573a2e1d8315ee5a6260af478d08d32f34440ef8b83d84c367b96fc095ed617

go-toolset-1.16-golang-misc-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: 85ec4f03128ccfa241979fdd2211d5ad2006d5ac1ed590da396dbc7425e2bed3

go-toolset-1.16-golang-src-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: 438059e6311ce199bfe46c2dca4e9ef6f391068fba595cb78f64a5aa6c96647e

go-toolset-1.16-golang-tests-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: 654963132a790c4f089533837965d1ae63da592c4e129319e07c556a9afdd00b

go-toolset-1.16-runtime-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: bb7da962a26aa71bbf83f1b7a44543d565ab69c909ab9f9fb998bbc0ffd38885

go-toolset-1.16-scldevel-1.16.12-1.el7_9.ppc64le.rpm

SHA-256: 07511a33c16336f9a2df639463fcf79cf466c019eb949dc1a21ea5d130f8434a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.