SUSE 15 SP4-5 go1 Critical Security Issues Fixed with Update 2026-0687-1
suse
February 27, 2026
An update that solves three vulnerabilities, contains one feature and has one security fix can now be installed.
Summary
## This update for go1 fixes the following issues: Update to version 1.24.13 (jsc#SLE-18320, bsc#1236217). Security issues fixed: * CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling (bsc#1257692). * CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain (bsc#1256820). * CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session ticket keys, session resumption does not account for the expiration of full certificate chain (bsc#1256818). Other updates and bugfixes: * go#77322 crypto/x509: single-label excluded DNS name constraints incorrectly match all wildcard SANs * go#77424 crypto/tls: CL 737700 broke session resumption on macOS ## Patch Instructions:
Topics Covered
References
* bsc#1236217
* bsc#1256818
* bsc#1256820
* bsc#1257692
* jsc#SLE-18320
Cross-
* CVE-2025-61732
* CVE-2025-68119
* CVE-2025-68121
CVSS scores:
* CVE-2025-61732 ( SUSE ): 9.4
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2025-61732 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-61732 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-68119 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68119 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-68119 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68121 ( SUSE ): 7.6
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2026:0687-1
Release Date: 2026-02-27T15:08:17Z
Rating: critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!