Alerts This Week
Warning Icon 1 1,146
Alerts This Week
Warning Icon 1 1,146

SUSE go1.24-openssl Critical Security Alert 2026-0789-1 CVE-2025-61732

suse
Calendar Grey March 3, 2026
Dist Suse Esm H88
Critical SUSE update for go1.24-openssl resolves three issues, including command injection, requiring immediate action.
An update that solves three vulnerabilities, contains one feature and has one security fix can now be installed.

Summary

## This update for go1.24-openssl fixes the following issues: Update to version 1.24.13 (jsc#SLE-18320, bsc#1236217). Security issues fixed: * CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling (bsc#1257692). * CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain (bsc#1256820). * CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session ticket keys, session resumption does not account for the expiration of full certificate chain (bsc#1256818). Other updates and bugfixes: * go#77322 crypto/x509: single-label excluded DNS name constraints incorrectly match all wildcard SANs * go#77424 crypto/tls: CL 737700 broke session resumption on macOS ## Patch Instructions:

References

* bsc#1236217

* bsc#1256818

* bsc#1256820

* bsc#1257692

* jsc#SLE-18320

Cross-

* CVE-2025-61732

* CVE-2025-68119

* CVE-2025-68121

CVSS scores:

* CVE-2025-61732 ( SUSE ): 9.4

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

* CVE-2025-61732 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2025-61732 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2025-68119 ( SUSE ): 7.1

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-68119 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-68119 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-68121 ( SUSE ): 7.6

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:0789-1
Release Date: 2026-03-03T15:51:44Z
Rating: critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here