This update for go1.25 fixes the following issues:
Update to version 1.25.7.
Security issues fixed:
CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling (bsc#1257692).
CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session ticket keys, session resumption does
not account for the expiration of full certificate chain (bsc#1256818).
Other updates and bugfixes:
version update to 1.25.7:
go#75844 cmd/compile: OOM killed on linux/arm64
go#77323 crypto/x509: single-label excluded DNS name constraints incorrectly match all wildcard SANs
go#77425 crypto/tls: CL 737700 broke session resumption on macOS
Affected Packages
go1.25
SUSE Linux Enterprise Server 16.0SUSE Linux Enterprise Server for SAP applications 16.0
Fixed in:
1.25.7-160000.1.1
go1.25-doc
SUSE Linux Enterprise Server 16.0SUSE Linux Enterprise Server for SAP applications 16.0
Fixed in:
1.25.7-160000.1.1
go1.25-libstd
SUSE Linux Enterprise Server 16.0SUSE Linux Enterprise Server for SAP applications 16.0
Fixed in:
1.25.7-160000.1.1
go1.25-race
SUSE Linux Enterprise Server 16.0SUSE Linux Enterprise Server for SAP applications 16.0