Then you might do the update to 1.12.16 to get the security issue CVE-2019-12749 fixed for Tumbleweed/Factory as well accordingly to the policy Factory First.