Advisories » MGASA-2025-0221

Updated golang packages fix vulnerabilities

Publication date: 01 Sep 2025
Modification date: 01 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-47906 , CVE-2025-47907

Description

LookPath may return unexpected paths, CVE-2025-47906.
incorrect results returned from Rows.Scan, CVE-2025-47907.
These packages fix the issues for the compiler only; applications using the
functions still need to be rebuilt.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34584
• https://www.openwall.com/lists/oss-security/2025/08/06/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47906
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47907

SRPMS

9/core

• golang-1.24.6-1.mga9