CLSA-2026-1773161647 go-rpm-macros: Fix of CVE-2025-61726

CVE-2025-61726: fix denial of service due to excessive memory consumption when parsing a large form - version update to 1.25.6...

CVE-2025-61728 affecting package golang for versions less than 1.25.6-1

CVE-2025-61728 affecting package golang for versions less than 1.25.6-1. A patched version of the package is available...

CVE-2025-61728 affecting package golang for versions less than 1.25.6-1

CVE-2025-61728 affecting package golang for versions less than 1.25.6-1. A patched version of the package is available...

CVE-2025-68119 affecting package golang for versions less than 1.25.6-1

CVE-2025-68119 affecting package golang for versions less than 1.25.6-1. A patched version of the package is available...

CVE-2025-61730 affecting package golang for versions less than 1.25.6-1

CVE-2025-61730 affecting package golang for versions less than 1.25.6-1. A patched version of the package is available...

CVE-2025-68119 affecting package golang for versions less than 1.25.6-1

CVE-2025-68119 affecting package golang for versions less than 1.25.6-1. A patched version of the package is available...

CVE-2025-68121 affecting package golang for versions less than 1.25.6-1

CVE-2025-68121 affecting package golang for versions less than 1.25.6-1. A patched version of the package is available...

CVE-2025-61726 affecting package golang for versions less than 1.25.6-1

CVE-2025-61726 affecting package golang for versions less than 1.25.6-1. A patched version of the package is available...

AZL-75731 CVE-2025-61730 affecting package golang for versions less than 1.25.6-1

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

Allocation of Resources Without Limits or Throttling

Overview std/archive/zip is a Go standard library package std/archive/zip Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: archive/zip uses a super-linear file name indexing algorithm that is invoked the first time ...

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: CVE-2025-4674 cmd/go: disable support for multiple vcs in one module bsc1246118. CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of "", "." a...

SUSE-SU-2026:20132-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

go1.25-1.25.6-1.1 on GA media (moderate)

go1.25-1.25.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10064-1 Rating: moderate Cross-References: CVE-2025-61726 CVE-2025-61728 CVE-2025-61730 CVE-2025-61731 CVE-2025-68119 CVE-2025-68121 CVSS scores: CVE-2025-61726 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-61726...

artifex mupdf 安全漏洞

artifex mupdf is a rich text editor for individual developers. Rich text editor is different from text editor, programmers can go to the Internet to download free rich text editor embedded in their own website or program of course, paid features will be more powerful, convenient for users to edit...

CVE-2025-46206

An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the mutool clean utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the stripoutline function enters infinite recursion...

PT-2026-2490

Name of the Vulnerable Software and Affected Versions Go versions prior to 1.26 Release Candidate 3 Description The issue resides within the crypto/tls package, specifically during TLS session resumption. If the underlying Config object has its ClientCAs or RootCAs fields modified between the...

[SECURITY] Fedora 27 Update: mpg123-1.25.6-1.fc27

Real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3 most commonly MPEG 1.0 layer 3 aka MP3, as well as re-usable decoding and output libraries...