Overview

File _patchinfo of Package patchinfo.42433

<patchinfo incident="42433">
  <issue tracker="jsc" id="SLE-23476"/>
  <issue tracker="cve" id="2025-29923"/>
  <issue tracker="cve" id="2025-58058"/>
  <issue tracker="bnc" id="1248910">VUL-0: CVE-2025-58058: rekor: github.com/ulikunitz/xz: github.com/ulikunitz/xz leaks memory</issue>
  <issue tracker="bnc" id="1241153">VUL-0: CVE-2025-29923: rekor: github.com/redis/go-redis: potential out of order responses when `CLIENT SETINFO` times out during connection establishment</issue>
  <packager>msmeissn</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for rekor</summary>
  <description>This update for rekor fixes the following issues:

Security fixes:

- CVE-2025-58058: Fixed github.com/ulikunitz/xz leaks memory (bsc#1248910)
- CVE-2025-29923: Fixed potential out of order responses when `CLIENT SETINFO` 
  times out during connection establishment (bsc#1241153)

Other fixes:

- Update to version 1.4.3
- Update to version 1.4.2
- Update to version 1.4.1 (jsc#SLE-23476)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places