CLSA-2026-1779109358 grafana-pcp: Fix of CVE-2026-32283

CVE-2026-32283: rebuild against golang = 1.25.7-1.el96.tuxcare.els5...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2026-10704)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10704 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related:...

CLSA-2026-1776070934 grafana: Fix of CVE-2026-25679

rebuild with golang 1.25.7-els2 which fixes the following CVEs - - CVE-2026-25679: fix insufficient validation of host/authority in net/url.Parse...

SUSE SLES16 Security Update : go1.25-openssl (SUSE-SU-2026:20623-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20623-1 advisory. - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect...

openSUSE 16 Security Update : go1.25-openssl (openSUSE-SU-2026:20301-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20301-1 advisory. - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level...

SUSE SLES15 Security Update : go1.25-openssl (SUSE-SU-2026:0790-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0790-1 advisory. Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows...

CLSA-2026-1772619878 runc: Fix of 3 CVEs

rebuild with newer golang version 1.25.7-1.el96.tuxcare.els1 to fix the following CVEs - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry - CVE-2025-61726: limit parsed URL query parameters to...

CLSA-2026-1772573053 butane: Fix of CVE-2025-61729

rebuilt with golang = 1.25.7-1.tuxcare.els1 to address the following security issues: - CVE-2025-61729...

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

SUSE-SU-2026:20623-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821 - CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain bsc1256820 ...

OPENSUSE-SU-2026:20301-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821 - CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain bsc1256820 ...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2026-2708)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2708 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related:...

golang security update

1.25.7-1 - Rebase to latest rhel-10-main 170a5b7e084...

golang security update

1.25.7-1 - Update to Go 1.25.7 fips-1 - Resolves: RHEL-146476...

Security update for go1.25

This update for go1.25 fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session tick...

AZL-78937 CVE-2025-61732 affecting package golang 1.25.7-1

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

AZL-78933 CVE-2025-61730 affecting package golang 1.25.7-1

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

AZL-78931 CVE-2025-61729 affecting package golang 1.25.7-1

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

AZL-78911 CVE-2025-58186 affecting package golang 1.25.7-1

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...