SUSE-SU-2026:20904-1 Security update for cosign

This update for cosign fixes the following issues: Update to version 3.0.5: - CVE-2026-24122: Fixed improper validation of certificates that outlive expired CA certificates bsc1258542 - CVE-2026-26958: Fixed filippo.io/edwards25519: failure to initialize receiver in MultiScalarMult can produce...

Medium: nerdctl

Issue Overview: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065 Affected Packages: nerdctl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extra...

Medium: nerdctl

Issue Overview: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065 Affected Packages: nerdctl Issue Correction: Run dnf update nerdctl --releasever 2023.9.20251110 or dnf update --advisory ALAS2023-2025-1259 --releasever 2023.9.20251110 to...

Medium: amazon-cloudwatch-agent

Issue Overview: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065 Affected Packages: amazon-cloudwatch-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Co...