Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for go1.23-openssl fixes the following issues: Updated to go1.23.12 (released 2025-08-06) (bsc#1229122): \- CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go (bsc#1246118) \- CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH configurations in LookPath in osc/exec (bsc#1247719) \- CVE-2025-47907: Fixed incorrect results returned from Rows.Scan in database/sql (bsc#1247720) Updated to version 1.23.12 cut from the go1.23-fips-release branch at the revision tagged go1.23.12-1-openssl-fips (jsc#SLE-18320) \- Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil salt to be passed as a hash length buffer of zeros. Other fixes: \- runtime: use-after-free of allpSnapshot in findRunnable \-
* bsc#1229122
* bsc#1246118
* bsc#1247719
* bsc#1247720
* bsc#1247816
* jsc#SLE-18320
Cross-
* CVE-2025-4674
* CVE-2025-47906
* CVE-2025-47907
CVSS scores:
* CVE-2025-4674 ( SUSE ): 9.3
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2025-4674 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-4674 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-47906 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-47906 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-47907 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Get the latest Linux and open source security news straight to your inbox.