This update for go1.24-openssl fixes the following issues:
Update to version 1.24.13 (jsc#SLE-18320, bsc#1236217).
Security issues fixed:
* CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing
allows for C code smuggling (bsc#1257692).
* CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain
(bsc#1256820).
* CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated
session ticket keys, session resumption does not account for the expiration
of full certificate chain (bsc#1256818).
Other updates and bugfixes:
* go#77322 crypto/x509: single-label excluded DNS name constraints incorrectly
match all wildcard SANs
* go#77424 crypto/tls: CL 737700 broke session resumption on macOS
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-789=1 openSUSE-SLE-15.6-2026-789=1
* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-789=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-789=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-789=1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* go1.24-openssl-doc-1.24.13-150600.13.18.1
* go1.24-openssl-1.24.13-150600.13.18.1
* go1.24-openssl-debuginfo-1.24.13-150600.13.18.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* go1.24-openssl-race-1.24.13-150600.13.18.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* go1.24-openssl-race-1.24.13-150600.13.18.1
* go1.24-openssl-doc-1.24.13-150600.13.18.1
* go1.24-openssl-1.24.13-150600.13.18.1
* go1.24-openssl-debuginfo-1.24.13-150600.13.18.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* go1.24-openssl-race-1.24.13-150600.13.18.1
* go1.24-openssl-doc-1.24.13-150600.13.18.1
* go1.24-openssl-1.24.13-150600.13.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* go1.24-openssl-race-1.24.13-150600.13.18.1
* go1.24-openssl-doc-1.24.13-150600.13.18.1
* go1.24-openssl-1.24.13-150600.13.18.1
* bsc#1236217
* bsc#1256818
* bsc#1256820
* bsc#1257692
* jsc#SLE-18320
## References:
* https://www.suse.com/security/cve/CVE-2025-61732.html
* https://www.suse.com/security/cve/CVE-2025-68119.html
* https://www.suse.com/security/cve/CVE-2025-68121.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236217
* https://bugzilla.suse.com/show_bug.cgi?id=1256818
* https://bugzilla.suse.com/show_bug.cgi?id=1256820
* https://bugzilla.suse.com/show_bug.cgi?id=1257692
* https://jira.suse.com/browse/SLE-18320
Get the latest Linux and open source security news straight to your inbox.