FERRAMENTAS LINUX: Critical Security Update: openSUSE Leap 15.6 Patches Multiple Vulnerabilities in Go 1.24

terça-feira, 10 de junho de 2025

Critical Security Update: openSUSE Leap 15.6 Patches Multiple Vulnerabilities in Go 1.24

openSUSE Leap 15.6 releases a critical security patch for Go 1.24, fixing CVEs in crypto/x509, net/http, and os packages. Learn how to update and protect your Linux systems from high-risk vulnerabilities. Essential for DevOps and enterprise security.

Overview of the Security Patch

The latest update for openSUSE Leap 15.6 (2025-01846-1) addresses critical security flaws in Go 1.24, a widely used programming language for cloud-native and high-performance applications.

This patch resolves multiple CVEs (Common Vulnerabilities and Exposures), including high-risk issues in crypto/x509, net/http, and os packages.

Key Security Fixes Included

CVE-2025-22874: Bypass in crypto/x509 policy validation (bsc#1244158)
CVE-2025-0913: Inconsistent handling of O_CREATE|O_EXCL permissions on Unix/Windows (bsc#1244157)
CVE-2025-4673: Sensitive HTTP headers not cleared on cross-origin redirects (bsc#1244156)
Additional bug fixes for hash/maphash, os, and linker stability

This update is essential for developers, sysadmins, and enterprises relying on Go for secure application deployment.

How to Apply the Patch

To ensure system security, apply the update using one of these methods:

Recommended Installation Methods

✔ YaST Online Update (GUI)
✔ Command Line (zypper)

zypper in -t patch openSUSE-SLE-15.6-2025-1846=1

Affected Products & Patch Commands

Product	Patch Command
openSUSE Leap 15.6	`zypper in -t patch openSUSE-SLE-15.6-2025-1846=1`
SUSE Linux Enterprise Server 15 SP5	`zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1846=1`
SUSE Linux Enterprise High Performance Computing (HPC)	`zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1846=1`

(Full list of supported architectures: x86_64, aarch64, ppc64le, s390x)