Overview

File _patchinfo of Package patchinfo.41575

<patchinfo incident="41575">
  <issue tracker="bnc" id="1248897">VUL-0: CVE-2025-58058: trivy: github.com/ulikunitz/xz: github.com/ulikunitz/xz leaks memory</issue>
  <issue tracker="bnc" id="1250625">VUL-0: CVE-2025-11065: trivy: github.com/go-viper/mapstructure/v2: sensitive Information leak in logs</issue>
  <issue tracker="cve" id="2025-58058"/>
  <issue tracker="cve" id="2025-11065"/>
  <packager>dirkmueller</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for trivy</summary>
  <description>This update for trivy fixes the following issues:

  Update to version 0.67.2:
  
  - CVE-2025-11065: Fixed sensitive Information leak in logs in github.com/go-viper/mapstructure/v2 (bsc#1250625)
  - CVE-2025-58058: Fixed leaks of memory in github.com/ulikunitz/xz (bsc#1248897)

  Other fixes:
  
  - Fix version number shown for 'trivy -v'
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places