Explore top 10 tips to secure your open-source projects now. Read More
×
This update for go1.25-openssl fixes the following issues
- Update to version go1.25.12 (bsc#1244485).
- CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling (bsc#1257692).
- CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session ticket keys, session resumption does not account for the expiration of full certificate chain (bsc#1256818).
- CVE-2026-25679: net/url: reject IPv6 literal not at start of host (bsc#1259264).
- CVE-2026-27139: os: FileInfo can escape from a Root (bsc#1259268).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27142: html/template: URLs in meta content attribute actions are not escaped (bsc#1259265).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-27145: crypto/x509: split...
Read the Full Advisory- openSUSE Leap 16.0:
go1.25-openssl-1.25.12-160000.1.1
go1.25-openssl-doc-1.25.12-160000.1.1
go1.25-openssl-race-1.25.12-160000.1.1
* bsc#1170826
* bsc#1244485
* bsc#1245878
* bsc#1256818
* bsc#1257692
* bsc#1259264
* bsc#1259265
* bsc#1259268
* bsc#1261653
* bsc#1261654
* bsc#1261655
* bsc#1261656
* bsc#1261657
* bsc#1261658
* bsc#1261659
* bsc#1261660
* bsc#1261661
* bsc#1264394
* bsc#1264499
* bsc#1264500
* bsc#1264501
* bsc#1264502
* bsc#1264503
* bsc#1264504
* bsc#1264505
* bsc#1264506
* bsc#1264507
* bsc#1264508
* bsc#1264509
* bsc#1267442
* bsc#1267444
* bsc#1267450
* bsc#1271014
* bsc#1271015
References:
* https://www.suse.com/security/cve/CVE-2025-61732.html
* https://www.suse.com/security/cve/CVE-2025-68121.html
* https://www.suse.com/security/cve/CVE-2026-25679.html
* https://www.suse.com/security/cve/CVE-2026-27139.html
* https://www.suse.com/security/cve/CVE-2026-27140.html
* https://www.suse.com/security/cve/CVE-2026-27142.html
* https://www.suse.com/security/cve/CVE-2026-27143.html
* https://www.suse.com/security/cve/CVE-2026-27144.html
* https://www.suse.com/security/cve/CVE-2026-27145.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.