SUSE-CU-2025:6237-1: Security update of bci/golang

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6237-1
Container Tags        : bci/golang:1.23-openssl , bci/golang:1.23.2-openssl , bci/golang:1.23.2-openssl-73.6 , bci/golang:oldstable-openssl , bci/golang:oldstable-openssl-73.6
Container Release     : 73.6
Severity              : moderate
Type                  : security
References            : 1221107 1246934 CVE-2024-2236 
-----------------------------------------------------------------

The container bci/golang was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2719-1
Released:    Thu Aug  7 05:38:32 2025
Summary:     Security update for libgcrypt
Type:        security
Severity:    moderate
References:  1221107,1246934,CVE-2024-2236
This update for libgcrypt fixes the following issues:

- CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2720-1
Released:    Thu Aug  7 05:38:44 2025
Summary:     Recommended update for crypto-policies
Type:        recommended
Severity:    moderate
References:  
This update for crypto-policies fixes the following issues:

- Update the BSI policy (jsc#PED-12880)
    * BSI: switch to 3072 minimum RSA key size
    * BSI: Update BSI policy for new 2024 minimum


The following package changes have been done:

- crypto-policies-20230920.570ea89-150600.3.12.1 updated
- libgcc_s1-14.3.0+git11799-150000.1.11.1 updated
- libstdc++6-14.3.0+git11799-150000.1.11.1 updated
- libgcrypt20-1.11.0-150700.5.7.1 updated
- container:registry.suse.com-bci-bci-base-15.7-8399472c596cc49c0cda1e1dc5b89c4f79b4511d42a73f22c428ae465c82542d-0 updated