openSUSE: alloy Important Parsing Memory Issues CVE-2025-47911 2026:20044-1

opensuse

January 17, 2026

An update that solves 3 vulnerabilities and has 3 bug fixes can now be installed.

Description

This update for alloy fixes the following issues:

Upgrade to version 1.12.1.

Security issues fixed:

- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents

(bsc#1251509).

- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially

crafted input (bsc#1251716).

- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in

response to a key listing or signing request (bsc#1253609).

Other updates and bugfixes:

- Version 1.12.1:

* Bugfixes

- update to Beyla 2.7.10.

- Version 1.12.0:

* Breaking changes

- `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component

ID instead of the hostname as their instance label in their exported metrics.

* Features

- (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs...

Read the Full Advisory

Topics Covered

security advisory important parsing issue memory consumption OpenSUSE alloy

Patch

Package List

- openSUSE Leap 16.0:

alloy-1.12.1-160000.1.1

References

* bsc#1251509

* bsc#1251716

* bsc#1253609

References:

* https://www.suse.com/security/cve/CVE-2025-47911.html

* https://www.suse.com/security/cve/CVE-2025-47913.html

* https://www.suse.com/security/cve/CVE-2025-58190.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: openSUSE-SU-2026:20044-1

Rating: important

Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics Covered

security advisory important parsing issue memory consumption OpenSUSE alloy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE: alloy Important Parsing Memory Issues CVE-2025-47911 2026:20044-1

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE: alloy Important Parsing Memory Issues CVE-2025-47911 2026:20044-1

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!