Overview

File _patchinfo of Package patchinfo.37351

<patchinfo incident="37351">
  <issue tracker="bnc" id="1236217">go1.24 release tracking</issue>
  <issue tracker="bnc" id="1236801">VUL-0: CVE-2025-22866 go1.22,go1.23,go1.24: crypto/elliptic: timing sidechannel for P-256 on ppc64le</issue>
  <issue tracker="bnc" id="1236839">VUL-0: CVE-2025-22867 go1.24: cmd/go: arbitrary code execution during build on darwin</issue>
  <issue tracker="cve" id="2025-22866"/>
  <issue tracker="cve" id="2025-22867"/>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.24</summary>
  <description>This update for go1.24 fixes the following issues:

- CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le (bsc#1236801).
- CVE-2025-22867: Fixed arbitrary code execution during build on darwin (bsc#1236839).

Other fixes:

- go1.2r42 release tracking (bsc#1236217)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places