go1.24-1.24.6-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:16485 Final 1 1 2025-08-08T00:00:00Z current 2025-08-08T00:00:00Z 2025-08-08T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z go1.24-1.24.6-1.1 on GA media These are all security issues fixed in the go1.24-1.24.6-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-16485 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-47906/ SUSE CVE CVE-2025-47906 page https://www.suse.com/security/cve/CVE-2025-47907/ SUSE CVE CVE-2025-47907 page openSUSE Tumbleweed go1.24-1.24.6-1.1 go1.24-doc-1.24.6-1.1 go1.24-libstd-1.24.6-1.1 go1.24-race-1.24.6-1.1 go1.24-1.24.6-1.1 as a component of openSUSE Tumbleweed go1.24-doc-1.24.6-1.1 as a component of openSUSE Tumbleweed go1.24-libstd-1.24.6-1.1 as a component of openSUSE Tumbleweed go1.24-race-1.24.6-1.1 as a component of openSUSE Tumbleweed If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned. CVE-2025-47906 openSUSE Tumbleweed:go1.24-1.24.6-1.1 openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1 openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1 openSUSE Tumbleweed:go1.24-race-1.24.6-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-47906.html CVE-2025-47906 https://bugzilla.suse.com/1247719 SUSE Bug 1247719 Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error. CVE-2025-47907 openSUSE Tumbleweed:go1.24-1.24.6-1.1 openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1 openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1 openSUSE Tumbleweed:go1.24-race-1.24.6-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-47907.html CVE-2025-47907 https://bugzilla.suse.com/1247720 SUSE Bug 1247720