Explore top 10 tips to secure your open-source projects now. Read More
×
This update for gosec fixes the following issues:
- Fixing multiple vulnerabilities in the following embedded dependencies:
golang.org/x/crypto/ssh (bsc#1266209), golang.org/x/net/html
(bsc#1267195), golang.org/x/net/idna (bsc#1266793),
golang.org/x/net/http2 (bsc#1265919).
- Update to version 2.27.1:
* Downgrade google lib to avoid min Go version bump (#1687)
* Downgrade the jsonschema dep to v0.13.0 due to incompatibility with
anthropick-sdk-go (#1686)
* Update all dependencies (#1685)
* Downgrade the github.com/invopop/jsonschema v0.13.0 to solve
incopatibility with anthropic-sdk (#1683)
* Update all dependencies (#1682)
* Update vulnerabilities alerts for indirect dependencies
* Pin dependencies (#1681)
* Skip pining for my repos
* Update renovate configuration
* Fix typo
* Update branch config in renovate config
* Migrate config renovate.json (#1678)
* Update renovate to...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP7:
zypper in -t patch openSUSE-2026-244=1
- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):
gosec-2.27.1-bp157.2.9.1
https://bugzilla.suse.com/1265919
https://bugzilla.suse.com/1266209
https://bugzilla.suse.com/1266793
https://bugzilla.suse.com/1267195
Get the latest Linux and open source security news straight to your inbox.