Issued at: 2026-05-29
Updated at: 2026-05-29
Synopsis
Important: go-fdo-client security update
Description
go-fdo-client is the device-side implementation of FIDO Device Onboard specification in Go. It provides an FDO client that interacts with FDO manufacturer and owner servers to perform device on-boarding.
Security Fix(es):
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 10 aarch64
Rocky Linux 10 riscv64
Rocky Linux 10 x86_64
Fixes
2456338
CVEs
CVE-2026-32283
Affected packages
Rocky Linux 10 aarch64 - AppStream
go-fdo-client-0:1.0.0-3.el10_2.src.rpm
go-fdo-client-debugsource-0:1.0.0-3.el10_2.aarch64.rpm
go-fdo-client-debuginfo-0:1.0.0-3.el10_2.aarch64.rpm
go-fdo-client-0:1.0.0-3.el10_2.aarch64.rpm
Rocky Linux 10 riscv64 - AppStream
go-fdo-client-0:1.0.0-3.el10_2.src.rpm
Rocky Linux 10 x86_64 - AppStream
go-fdo-client-0:1.0.0-3.el10_2.src.rpm
go-fdo-client-debuginfo-0:1.0.0-3.el10_2.x86_64.rpm
go-fdo-client-0:1.0.0-3.el10_2.x86_64.rpm
go-fdo-client-debugsource-0:1.0.0-3.el10_2.x86_64.rpm