Severity:
('Important', ['ELSCVE-85875'])
Release date:
2026-04-16 10:48:32 UTC
Description:
- Rebuild with Go 1.25.8 to fix Go standard library CVE
- CVE-2026-25679: reject invalid IPv6 host literals in
net/url.Parse to prevent URL validation bypass
Updated packages:
-
git-lfs-3.6.1-2.el9_6.tuxcare.els4.x86_64.rpm
sha:3f2b021b41b8a099d62139b2f5f5b35838a4f9c5af3c48b1639eef4e03a212d2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
