File _patchinfo of Package patchinfo.40090
<patchinfo incident="40090">
<issue tracker="bnc" id="1229122">go1.23 release tracking</issue>
<issue tracker="bnc" id="1247720">VUL-0: CVE-2025-47907: go1.23,go1.24,go1.25: database/sql: incorrect results returned from Rows.Scan</issue>
<issue tracker="bnc" id="1247719">VUL-0: CVE-2025-47906: go1.23,go1.24,go1.25: os/exec: LookPath may return unexpected paths</issue>
<issue tracker="cve" id="2025-47906"/>
<issue tracker="cve" id="2025-47907"/>
<packager>jfkw</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for go1.23</summary>
<description>This update for go1.23 fixes the following issues:
- Update to go1.23.12:
* CVE-2025-47906: Fixed LookPath returning unexpected paths (bsc#1247719)
* CVE-2025-47907: Fixed incorrect results returned from Rows.Scan (bsc#1247720)
* go#74415 runtime: use-after-free of allpSnapshot in findRunnable
* go#74693 runtime: segfaults in runtime.(*unwinder).next
* go#74721 cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23
* go#74726 cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66
</description>
</patchinfo>