Red Hat Product Errata RHSA-2026:19181 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19181 - Security Advisory Overview Updated Packages Synopsis Important: golang security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The golang packages provide the Go programming language compiler. Security Fix(es): crypto/x509: Incorrect enforcement of email constraints in crypto/x509 (CVE-2026-27137) net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2445345 - CVE-2026-27137 crypto/x509: Incorrect enforcement of email constraints in crypto/x509 BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url RHEL-169930 - Update Go to version 1.26.2+2 [rhel-9.8.z] CVEs CVE-2026-25679 CVE-2026-27137 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM golang-1.26.2-1.el9_8.src.rpm SHA-256: 29712614f4909158b541de50270f2a3f432adba6c6e4282439cd6264a9bc10e3 x86_64 go-toolset-1.26.2-1.el9_8.x86_64.rpm SHA-256: 9bccff7b6e4128c13f817d50a5689a2a9a46e1130b37238144b430a71180b2f6 golang-1.26.2-1.el9_8.x86_64.rpm SHA-256: 3edfc49870d0e3e2142702063f4c7fcd913d9d57f286264b193f455a4ab2f9cd golang-bin-1.26.2-1.el9_8.x86_64.rpm SHA-256: 471f355a36beed2a3956ec3b1497002711f758a029931683ab51c502784fbb57 golang-docs-1.26.2-1.el9_8.noarch.rpm SHA-256: d948b975b9dc1f7cc03263b41d129476eb8acdf8d91f25cc227541205da33c09 golang-misc-1.26.2-1.el9_8.noarch.rpm SHA-256: b27741c9d0897bf2e668939b1c626c2b893155ebce3db55d847475489b86801a golang-race-1.26.2-1.el9_8.x86_64.rpm SHA-256: 59e75393a0cdffd1d5577a57e8607b618f0bc497e81d67b1ffbc728940d7cb84 golang-src-1.26.2-1.el9_8.noarch.rpm SHA-256: 5f13218b214e9201cd7dae94ba0d1ab56e90c78d7fa7183b9d543cab75339b28 golang-tests-1.26.2-1.el9_8.noarch.rpm SHA-256: fa62cd44bda403194d8b4651213103ab1c7a3a699a47290b800080e2444687a5 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM golang-1.26.2-1.el9_8.src.rpm SHA-256: 29712614f4909158b541de50270f2a3f432adba6c6e4282439cd6264a9bc10e3 x86_64 go-toolset-1.26.2-1.el9_8.x86_64.rpm SHA-256: 9bccff7b6e4128c13f817d50a5689a2a9a46e1130b37238144b430a71180b2f6 golang-1.26.2-1.el9_8.x86_64.rpm SHA-256: 3edfc49870d0e3e2142702063f4c7fcd913d9d57f286264b193f455a4ab2f9cd golang-bin-1.26.2-1.el9_8.x86_64.rpm SHA-256: 471f355a36beed2a3956ec3b1497002711f758a029931683ab51c502784fbb57 golang-docs-1.26.2-1.el9_8.noarch.rpm SHA-256: d948b975b9dc1f7cc03263b41d129476eb8acdf8d91f25cc227541205da33c09 golang-misc-1.26.2-1.el9_8.noarch.rpm SHA-256: b27741c9d0897bf2e668939b1c626c2b893155ebce3db55d847475489b86801a golang-race-1.26.2-1.el9_8.x86_64.rpm SHA-256: 59e75393a0cdffd1d5577a57e8607b618f0bc497e81d67b1ffbc728940d7cb84 golang-src-1.26.2-1.el9_8.noarch.rpm SHA-256: 5f13218b214e9201cd7dae94ba0d1ab56e90c78d7fa7183b9d543cab75339b28 golang-tests-1.26.2-1.el9_8.noarch.rpm SHA-256: fa62cd44bda403194d8b4651213103ab1c7a3a699a47290b800080e2444687a5 Red Hat Enterprise Linux for IBM z Systems 9 SRPM golang-1.26.2-1.el9_8.src.rpm SHA-256: 29712614f4909158b541de50270f2a3f432adba6c6e4282439cd6264a9bc10e3 s390x go-toolset-1.26.2-1.el9_8.s390x.rpm SHA-256: 33957aba6821a9acdb6ad189e549a08b66f5d71a73df192a616822cfe2db7496 golang-1.26.2-1.el9_8.s390x.rpm SHA-256: cbcd5491ba7a60e4dc521803a42d0d30ad28a864450dce87abecd1902f973e50 golang-bin-1.26.2-1.el9_8.s390x.rpm SHA-256: 268757d8945b4b1a3be0d96202037b3464ccc445aac6ac7e52aa9c7a3b307e30 golang-docs-1.26.2-1.el9_8.noarch.rpm SHA-256: d948b975b9dc1f7cc03263b41d129476eb8acdf8d91f25cc227541205da33c09 golang-misc-1.26.2-1.el9_8.noarch.rpm SHA-256: b27741c9d0897bf2e668939b1c626c2b893155ebce3db55d847475489b86801a golang-race-1.26.2-1.el9_8.s390x.rpm SHA-256: f57d247e3b80316ea7c5e530d9d763b8127981d28171557fb3fe01f42769b248 golang-src-1.26.2-1.el9_8.noarch.rpm SHA-256: 5f13218b214e9201cd7dae94ba0d1ab56e90c78d7fa7183b9d543cab75339b28 golang-tests-1.26.2-1.el9_8.noarch.rpm SHA-256: fa62cd44bda403194d8b4651213103ab1c7a3a699a47290b800080e2444687a5 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM golang-1.26.2-1.el9_8.src.rpm SHA-256: 29712614f4909158b541de50270f2a3f432adba6c6e4282439cd6264a9bc10e3 s390x go-toolset-1.26.2-1.el9_8.s390x.rpm SHA-256: 33957aba6821a9acdb6ad189e549a08b66f5d71a73df192a616822cfe2db7496 golang-1.26.2-1.el9_8.s390x.rpm SHA-256: cbcd5491ba7a60e4dc521803a42d0d30ad28a864450dce87abecd1902f973e50 golang-bin-1.26.2-1.el9_8.s390x.rpm SHA-256: 268757d8945b4b1a3be0d96202037b3464ccc445aac6ac7e52aa9c7a3b307e30 golang-docs-1.26.2-1.el9_8.noarch.rpm SHA-256: d948b975b9dc1f7cc03263b41d129476eb8acdf8d91f25cc227541205da33c09 golang-misc-1.26.2-1.el9_8.noarch.rpm SHA-256: b27741c9d0897bf2e668939b1c626c2b893155ebce3db55d847475489b86801a golang-race-1.26.2-1.el9_8.s390x.rpm SHA-256: f57d247e3b80316ea7c5e530d9d763b8127981d28171557fb3fe01f42769b248 golang-src-1.26.2-1.el9_8.noarch.rpm SHA-256: 5f13218b214e9201cd7dae94ba0d1ab56e90c78d7fa7183b9d543cab75339b28 golang-tests-1.26.2-1.el9_8.noarch.rpm SHA-256: fa62cd44bda403194d8b4651213103ab1c7a3a699a47290b800080e2444687a5 Red Hat Enterprise Linux for Power, little endian 9 SRPM golang-1.26.2-1.el9_8.src.rpm SHA-256: 29712614f4909158b541de50270f2a3f432adba6c6e4282439cd6264a9bc10e3 ppc64le go-toolset-1.26.2-1.el9_8.ppc64le.rpm SHA-256: c427916f28ebf67365807257bb17bc0cfc5e3d9362f185bca9d37af54a282618 golang-1.26.2-1.el9_8.ppc64le.rpm SHA-256: 7d03678cfefc0606c1f2a0995e7a6ecfb00ba4c65e1919c29f6f4e8efc8abba1 golang-bin-1.26.2-1.el9_8.ppc64le.rpm SHA-256: d59c05c3603eecc1becf5ccf65e226ecbc8a37b0bf6938c20fc1c53f0e124965 golang-docs-1.26.2-1.el9_8.noarch.rpm SHA-256: d948b975b9dc1f7cc03263b41d129476eb8acdf8d91f25cc227541205da33c09 golang-misc-1.26.2-1.el9_8.noarch.rpm SHA-256: b27741c9d0897bf2e668939b1c626c2b893155ebce3db55d847475489b86801a golang-race-1.26.2-1.el9_8.ppc64le.rpm SHA-256: 1a64ceaf90c9611afc087b72a49f73bd31626bed685ccd02c5c0c640e6f5ae52 golang-src-1.26.2-1.el9_8.noarch.rpm SHA-256: 5f13218b214e9201cd7dae94ba0d1ab56e90c78d7fa7183b9d543cab75339b28 golang-tests-1.26.2-1.el9_8.noarch.rpm SHA-256: fa62cd44bda403194d8b4651213103ab1c7a3a699a47290b800080e2444687a5 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM golang-1.26.2-1.el9_8.src.rpm SHA-256: 29712614f4909158b541de50270f2a3f432adba6c6e4282439cd6264a9bc10e3 ppc64le go-toolset-1.26.2-1.el9_8.ppc64le.rpm SHA-256: c427916f28ebf67365807257bb17bc0cfc5e3d9362f185bca9d37af54a282618 golang-1.26.2-1.el9_8.ppc64le.rpm SHA-256: 7d03678cfefc0606c1f2a0995e7a6ecfb00ba4c65e1919c29f6f4e8efc8abba1 golang-bin-1.26.2-1.el9_8.ppc64le.rpm SHA-256: d59c05c3603eecc1becf5ccf65e226ecbc8a37b0bf6938c20fc1c53f0e124965 golang-docs-1.26.2-1.el9_8.noarch.rpm SHA-256: d948b975b9dc1f7cc03263b41d129476eb8acdf8d91f25cc227541205da33c09 golang-misc-1.26.2-1.el9_8.noarch.rpm SHA-256: b27741c9d0897bf2e668939b1c626c2b893155ebce3db55d847475489b86801a golang-race-1.26.2-1.el9_8.ppc64le.rpm SHA-256: 1a64ceaf90c9611afc087b72a49f73bd31626bed685ccd02c5c0c640e6f5ae52 golang-src-1.26.2-1.el9_8.noarch.rpm SHA-256: 5f13218b214e9201cd7dae94ba0d1ab56e90c78d7fa7183b9d543cab75339b28 golang-tests-1.26.2-1.el9_8.noarch.rpm SHA-256: fa62cd44bda403194d8b4651213103ab1c7a3a699a47290b800080e2444687a5 Red Hat Enterprise Linux for ARM 64 9 SRPM golang-1.26.2-1.el9_8.src.rpm SHA-256: 29712614f4909158b541de50270f2a3f432adba6c6e4282439cd6264a9bc10e3 aarch64 go-toolset-1.26.2-1.el9_8.aarch64.rpm SHA-256: 4b827b5e109bf6b9b3d663ac91118d392575ca9da09924a57577bbc1928b0e00 golang-1.26.2-1.el9_8.aarch64.rpm SHA-256: 6addfa136a5142ef3afaa8380f145810dcc6f2f80c7424bcd6a6f0f8704c55eb golang-bin-1.26.2-1.el9_8.aarch64.rpm SHA-256: db177bd83a9341a70cce5b588453008c3f1d8cf189d32f09be7a44ca124b5d29 golang-docs-1.26.2-1.el9_8.noarch.rpm SHA-256: d948b975b9dc1f7cc03263b41d129476eb8acdf8d91f25cc227541205da33c09 golang-misc-1.26.2-1.el9_8.noarch.rpm SHA-256: b27741c9d0897bf2e668939b1c626c2b8931