SUSE-CU-2025:4222-1: Recommended update of bci/golang

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:4222-1
Container Tags        : bci/golang:1.24-openssl , bci/golang:1.24.3-openssl , bci/golang:1.24.3-openssl-60.7 , bci/golang:latest , bci/golang:stable-openssl , bci/golang:stable-openssl-60.7
Container Release     : 60.7
Severity              : important
Type                  : recommended
References            : 1243960 
-----------------------------------------------------------------

The container bci/golang was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:1847-1
Released:    Mon Jun  9 20:34:37 2025
Summary:     Recommended update for go1.24-openssl
Type:        recommended
Severity:    important
References:  1243960
This update for go1.24-openssl fixes the following issues:

Update to version 1.24.3 cut from the go1.24-fips-release branch at the
revision tagged go1.24.3-3-openssl-fips.  (jsc#SLE-18320)

* Fix GOLANG_FIPS=0 and enable CGO for bin/go

Update to version 1.24.3 cut from the go1.24-fips-release branch at the
revision tagged go1.24.3-2-openssl-fips.  (jsc#SLE-18320 bsc#1243960)

* Force fips140tls in boring mode and run http tests
* Implement HKDF for TLS (#297) bsc#1243960. This was previously
  left unimplemented and would panic if invoked. This was not
  caught because we only run a subset of the TLS tests in FIPS
  mode. This patch adds the test case which would have caught
  this into our test script and fixes the panic with an
  implementation of HKDF label expanding.
* Improve documentation (#294)


The following package changes have been done:

- go1.24-openssl-doc-1.24.3-150600.13.6.1 updated
- go1.24-openssl-1.24.3-150600.13.6.1 updated
- go1.24-openssl-race-1.24.3-150600.13.6.1 updated