CVE-2025-61729 in go lang crypto/x509

[sravansagi]

Hi Team,

This vulnerability is being reported in blobfuse latest version. This seems to be an upgrade needed in go lang atleast to 1.25.5. Can you please take care if this.

Ref: golang/go#76461, cloudfoundry/cli#3682

Also can you confirm when is the next version of blob fuse getting released.

Our team is using blobfuse extensively, We need this for making sure our security profile is clean (Which is tracked very closely at our org level)

[bhansalivikas]

Go version upgraded in next release (coming out this week)

[sravansagi]

@vibhansa-msft Thanks for quick response.

Also, I am not sure if this is needed for updating go version in the release but i can still see go.mod has 1.25.1. Can you confirm if the new release that is released is having go 1.25.6 or 1.25.1.