SUSE-CU-2025:6129-1: Security update of bci/golang

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Aug 13 07:32:12 UTC 2025 

SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6129-1
Container Tags        : bci/golang:1.23 , bci/golang:1.23.12 , bci/golang:1.23.12-2.73.4 , bci/golang:oldstable , bci/golang:oldstable-2.73.4
Container Release     : 73.4
Severity              : moderate
Type                  : security
References            : 1229122 1245573 1247719 1247720 CVE-2025-47906 CVE-2025-47907
                        CVE-2025-6297 
-----------------------------------------------------------------

The container bci/golang was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2714-1
Released:    Wed Aug  6 11:36:56 2025
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  
This update for systemd fixes the following issues:

- triggers.systemd: skip update of hwdb, journal-catalog if executed during
  an offline update.

- systemd-repart is no more considered as experimental (jsc#PED-13213)

- Import commit 130293e510ceb4d121d11823e6ebd4b1e8332ea0 (merge of v254.27)
  For a complete list of changes, visit:
  https://github.com/openSUSE/systemd/compare/278fb676146e35a7b4057f52f34a7bbaf1b82369...130293e510ceb4d121d11823e6ebd4b1e8332ea0

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2734-1
Released:    Fri Aug  8 10:05:10 2025
Summary:     Security update for dpkg
Type:        security
Severity:    moderate
References:  1245573,CVE-2025-6297
This update for dpkg fixes the following issues:

- CVE-2025-6297: Fixed an improper sanitization of directory permissions that could lead to DoS. (bsc#1245573)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2759-1
Released:    Tue Aug 12 14:06:16 2025
Summary:     Security update for go1.23
Type:        security
Severity:    moderate
References:  1229122,1247719,1247720,CVE-2025-47906,CVE-2025-47907
This update for go1.23 fixes the following issues:

- Update to go1.23.12:
  * CVE-2025-47906: Fixed LookPath returning unexpected paths (bsc#1247719)
  * CVE-2025-47907: Fixed incorrect results returned from Rows.Scan (bsc#1247720)
  * go#74415 runtime: use-after-free of allpSnapshot in findRunnable
  * go#74693 runtime: segfaults in runtime.(*unwinder).next
  * go#74721 cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23
  * go#74726 cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66


The following package changes have been done:

- go1.23-doc-1.23.12-150000.1.40.1 updated
- update-alternatives-1.19.0.4-150000.4.7.1 updated
- libsystemd0-254.27-150600.4.43.3 updated
- go1.23-1.23.12-150000.1.40.1 updated
- go1.23-race-1.23.12-150000.1.40.1 updated
- container:registry.suse.com-bci-bci-base-15.7-0cffa22c4781b79b45cb22872b4da4160b01ca1230a476fd7f81b4fdd3714f23-0 updated

More information about the sle-container-updates mailing list