SUSE-SU-2026:2326-1 Security update for go1.25

This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

CLSA-2025-1762538558 containernetworking-plugins: Fix of 13 CVEs

rebuild with newer golang to fix multiple security vulnerabilities: - CVE-2023-24534: fix HTTP/2 rapid reset attack leading to denial of service - CVE-2023-29400: fix HTTP/2 frame processing panic leading to denial of service - CVE-2022-41725: fix HTTP/2 server connection handling causing...

go1.25-1.25.9-1.1 on GA media (moderate)

go1.25-1.25.9-1.1 on GA media Announcement ID: openSUSE-SU-2026:10514-1 Rating: moderate Cross-References: CVE-2026-27140 CVE-2026-27143 CVE-2026-27144 CVE-2026-32280 CVE-2026-32281 CVE-2026-32282 CVE-2026-32283 CVE-2026-32288 CVE-2026-32289 CVSS scores: CVE-2026-27143 SUSE : 7.4...

RHSA-2026:0923 Red Hat Security Advisory: golang security update

Bulletin has no description...

SUSE-SU-2026:0977-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to go 1.25.8 bsc1244485, jscSLE-18320: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

CLSA-2026-1773313831 delve: Fix of CVE-2025-68121

Rebuild with golang 1.22.9-1.el92.tuxcare.els6 to fix CVE-2025-68121 - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry...

SUSE-SU-2026:0789-1 Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68119: cmd/go: unexpected code...

CLSA-2026-1772464786 grafana: Fix of CVE-2025-68121

rebuild with newer golang version 1.22.9-1.el92.tuxcare.els6 to fix the following CVE's - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry...

CLSA-2026-1772456640 podman: Fix of 4 CVEs

rebuild with newer golang version 1.22.9-1.el92.tuxcare.els6 to fix the following CVE's - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry - CVE-2025-61726: limit parsed URL query parameters to...

Oracle Linux 10 : podman (ELSA-2026-3336)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3336 advisory. - Rebuild for new golang to address CVE-2025-61726 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.25-openssl (SUSE-SU-2026:0298-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0298-1 advisory. Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: -...

Oracle Linux 9 : golang (ELSA-2026-0923)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0923 advisory. 1.25.5-2 - Rebase to rhel-9-main - Related: RHEL-139366 1.25.5-1 - Update to Go 1.25.5 fips-1 - Resolves: RHEL-139366 1.25.3-2 - Cleanup lib/ ownership Tenable...

SUSE-SU-2025:4421-1 Security update for buildah

This update for buildah rebuilds it against the current security release of GO...

go1.24-1.24.11-1.1 on GA media (moderate)

go1.24-1.24.11-1.1 on GA media Announcement ID: openSUSE-SU-2025:15796-1 Rating: moderate Cross-References: CVE-2025-61727 CVE-2025-61729 CVSS scores: CVE-2025-61727 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61727 SUSE : 8.2...

CLSA-2025-1762420153 delve: Fix of CVE-2024-34156

rebuild with newer golang to fix CVE-2024-34156 stack exhaustion in encoding/gob when decoding deeply nested structures...

CLSA-2025-1762181347 containernetworking-plugins: Fix of CVE-2023-24540

rebuild with newer golang to fix CVE-2023-24540 sanitize templates with whitespace outside the allowed character set in JavaScript contexts...

Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: Updated to go1.23.12 released 2025-08-06 bsc1229122: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH...

SUSE-SU-2025:02759-1 Security update for go1.23

This update for go1.23 fixes the following issues: - Update to go1.23.12: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go74415 runtime: use-after-free of allpSnapshot in findRunnable go74693 runtime...