CLSA-2025-1762538558 containernetworking-plugins: Fix of 13 CVEs

rebuild with newer golang to fix multiple security vulnerabilities: - CVE-2023-24534: fix HTTP/2 rapid reset attack leading to denial of service - CVE-2023-29400: fix HTTP/2 frame processing panic leading to denial of service - CVE-2022-41725: fix HTTP/2 server connection handling causing...

CLSA-2026-1778261301 Update of alt-php

Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags...

go1.25-1.25.9-1.1 on GA media (moderate)

go1.25-1.25.9-1.1 on GA media Announcement ID: openSUSE-SU-2026:10514-1 Rating: moderate Cross-References: CVE-2026-27140 CVE-2026-27143 CVE-2026-27144 CVE-2026-32280 CVE-2026-32281 CVE-2026-32282 CVE-2026-32283 CVE-2026-32288 CVE-2026-32289 CVSS scores: CVE-2026-27143 SUSE : 7.4...

RHSA-2026:0923 Red Hat Security Advisory: golang security update

Bulletin has no description...

SUSE-SU-2026:0977-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to go 1.25.8 bsc1244485, jscSLE-18320: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

CLSA-2026-1773313831 delve: Fix of CVE-2025-68121

Rebuild with golang 1.22.9-1.el92.tuxcare.els6 to fix CVE-2025-68121 - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry...

RHSA-2026:4086 Red Hat Security Advisory: php security update

Bulletin has no description...

SUSE-SU-2026:0789-1 Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68119: cmd/go: unexpected code...

CLSA-2026-1772464786 grafana: Fix of CVE-2025-68121

rebuild with newer golang version 1.22.9-1.el92.tuxcare.els6 to fix the following CVE's - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry...

CLSA-2026-1772456640 podman: Fix of 4 CVEs

rebuild with newer golang version 1.22.9-1.el92.tuxcare.els6 to fix the following CVE's - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry - CVE-2025-61726: limit parsed URL query parameters to...

Oracle Linux 10 : podman (ELSA-2026-3336)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3336 advisory. - Rebuild for new golang to address CVE-2025-61726 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.25-openssl (SUSE-SU-2026:0298-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0298-1 advisory. Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: -...

Oracle Linux 9 : golang (ELSA-2026-0923)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0923 advisory. 1.25.5-2 - Rebase to rhel-9-main - Related: RHEL-139366 1.25.5-1 - Update to Go 1.25.5 fips-1 - Resolves: RHEL-139366 1.25.3-2 - Cleanup lib/ ownership Tenable...

SUSE-SU-2025:4421-1 Security update for buildah

This update for buildah rebuilds it against the current security release of GO...

go1.24-1.24.11-1.1 on GA media (moderate)

go1.24-1.24.11-1.1 on GA media Announcement ID: openSUSE-SU-2025:15796-1 Rating: moderate Cross-References: CVE-2025-61727 CVE-2025-61729 CVSS scores: CVE-2025-61727 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61727 SUSE : 8.2...

CLSA-2025-1762420153 delve: Fix of CVE-2024-34156

rebuild with newer golang to fix CVE-2024-34156 stack exhaustion in encoding/gob when decoding deeply nested structures...

CLSA-2025-1762181347 containernetworking-plugins: Fix of CVE-2023-24540

rebuild with newer golang to fix CVE-2023-24540 sanitize templates with whitespace outside the allowed character set in JavaScript contexts...

Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: Updated to go1.23.12 released 2025-08-06 bsc1229122: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH...

SUSE-SU-2025:02759-1 Security update for go1.23

This update for go1.23 fixes the following issues: - Update to go1.23.12: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go74415 runtime: use-after-free of allpSnapshot in findRunnable go74693 runtime...

CVE-2024-41964

Kirby is a CMS targeting designers and editors. Kirby allows to restrict the permissions of specific user roles. Users of that role can only perform permitted actions. Permissions for creating and deleting languages have already existed and could be configured, but were not enforced by Kirby's...