Alerts This Week
Warning Icon 1 905
Alerts This Week
Warning Icon 1 905

openSUSE Leap 16.0: Real-time Security Update for go1.25 2025-20157-1

opensuse
Calendar Grey December 14, 2025
Dist Opensuse Esm H88
This advisory details 13 security fixes for go1.25 on openSUSE 16.0, addressing important vulnerabilities.
An update that solves 13 vulnerabilities and has 19 bug fixes can now be installed.

Description

This update for go1.25 fixes the following issues:

Update to go1.25.5.

Security issues fixed:

- CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation

(bsc#1254431).

- CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn't preclude wildcard SAN (bsc#1254430).

- CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress (bsc#1251253).

- CVE-2025-61724: net/textproto: excessive CPU consumption in Reader.ReadResponse (bsc#1251262).

- CVE-2025-61723: encoding/pem: quadratic complexity when parsing some invalid inputs (bsc#1251256).

- CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information (bsc#1251255).

- CVE-2025-58188: crypto/x509: panic when validating certificates with DSA public keys (bsc#1251260).

- CVE-2025-58187: crypto/x509: quadratic complexity when checking name constraints (bsc#1251254).

- CVE-2025-58186: net/http: lack of limit when parsing cookies can...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security update important resource consumption application patch OpenSUSE

Patch

Package List

- openSUSE Leap 16.0:

go1.25-1.25.5-160000.1.1

go1.25-doc-1.25.5-160000.1.1

go1.25-libstd-1.25.5-160000.1.1

go1.25-race-1.25.5-160000.1.1

References

* bsc#1244485

* bsc#1245878

* bsc#1247816

* bsc#1248082

* bsc#1249141

* bsc#1249985

* bsc#1251253

* bsc#1251254

* bsc#1251255

* bsc#1251256

* bsc#1251257

* bsc#1251258

* bsc#1251259

* bsc#1251260

* bsc#1251261

* bsc#1251262

* bsc#1254227

* bsc#1254430

* bsc#1254431

References:

* https://www.suse.com/security/cve/CVE-2025-47910.html

* https://www.suse.com/security/cve/CVE-2025-47912.html

* https://www.suse.com/security/cve/CVE-2025-58183.html

* https://www.suse.com/security/cve/CVE-2025-58185.html

* https://www.suse.com/security/cve/CVE-2025-58186.html

* https://www.suse.com/security/cve/CVE-2025-58187.html

* https://www.suse.com/security/cve/CVE-2025-58188.html

* https://www.suse.com/security/cve/CVE-2025-58189.html

* https://www.suse.com/security/cve/CVE-2025-61723.html

* https://www.suse.com/security/cve/CVE-2025-61724.html

* https://www.suse.com/security/cve/CVE-2025-61725.html

* https://www.suse.com/security/cve/CVE-2025-61727.html

* https://www.suse.com/security/cve/CVE-2025-61729.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2025-20157-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory security update important resource consumption application patch OpenSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here