These are all security issues fixed in the caddy-2.5.1-2.1 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "caddy": "2.5.1-2.1" } ] }