
Fedora 43 has received several updates that address security vulnerabilities. The first update is to Chromium, an open-source web browser, and fixes two High-severity CVEs (CVE-2025-13223 and CVE-2025-13224), both type confusion bugs in V8. The Kubernetes package, responsible for container scheduling and management, is the target of two subsequent updates. These updates address multiple CVEs affecting various components used by Kubernetes, covering crypto/tls, parsing, and memory exhaustion issues.

Fedora 43 Update: chromium-142.0.7444.175-2.fc43
Fedora 43 Update: calibre-8.14.0-1.fc43
Fedora 43 Update: kubernetes1.33-1.33.6-1.fc43
Fedora 43 Update: kubernetes1.34-1.34.2-1.fc43




[SECURITY] Fedora 43 Update: chromium-142.0.7444.175-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d41f5f4a2a
2025-11-24 01:24:44.272934+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 43
Version : 142.0.7444.175
Release : 2.fc43
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 142.0.7444.175
* High CVE-2025-13223: Type Confusion in V8
* High CVE-2025-13224: Type Confusion in V8
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 19 2025 Than Ngo [than@redhat.com] - 142.0.7444.175-2
- Fix typos in chromium.conf
* Tue Nov 18 2025 Than Ngo [than@redhat.com] - 142.0.7444.175-1
- Update to 142.0.7444.175
* High CVE-2025-13223: Type Confusion in V8
* High CVE-2025-13224: Type Confusion in V8
* Sat Nov 15 2025 LuK1337 [priv.luk@gmail.com] - 142.0.7444.162-2
- Disable LensOverlay feature by default
* Thu Nov 13 2025 Mamoru TASAKA [mtasaka@fedoraproject.org] - 142.0.7444.162-2
- Rebuild for ffmpeg 8 again
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2414369 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2414369
[ 2 ] Bug #2414371 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2414371
[ 3 ] Bug #2414374 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2414374
[ 4 ] Bug #2414376 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2414376
[ 5 ] Bug #2414378 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2414378
[ 6 ] Bug #2414380 - CVE-2025-12908 chromium: Insufficient validation of untrusted input in Downloads [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2414380
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d41f5f4a2a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: calibre-8.14.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-355be35bb1
2025-11-24 01:24:44.272905+00:00
--------------------------------------------------------------------------------

Name : calibre
Product : Fedora 43
Version : 8.14.0
Release : 1.fc43
URL : https://calibre-ebook.com/
Summary : E-book converter and library manager
Description :
Calibre is meant to be a complete e-library solution. It includes library
management, format conversion, news feeds to ebook conversion as well as
e-book reader sync features.

Calibre is primarily an ebook cataloging program. It manages your ebook
collection for you. It is designed around the concept of the logical book,
i.e. a single entry in the database that may correspond to ebooks in several
formats. It also supports conversion to and from a dozen different ebook
formats.

Supported input formats are: MOBI, LIT, PRC, EPUB, CHM, ODT, HTML, CBR, CBZ,
RTF, TXT, PDF and LRS.

--------------------------------------------------------------------------------
Update Information:

Update to 8.14.0. Fixes rhbz#2413304
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 15 2025 Kevin Fenzi [kevin@scrye.com] - 8.14.0-1
- Update to 8.14.0. Fixes rhbz#2413304
* Wed Nov 5 2025 Dominik 'Rathann' Mierzejewski [dominik@greysector.net] - 8.13.0-2
- Rebuilt for FFmpeg 8
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2413304 - calibre-8.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2413304
[ 2 ] Bug #2414459 - CVE-2025-64486 calibre: calibre is vulnerable to arbitrary code execution when opening FB2 files [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2414459
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-355be35bb1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: kubernetes1.33-1.33.6-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-298add9246
2025-11-24 01:24:44.272902+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.33
Product : Fedora 43
Version : 1.33.6
Release : 1.fc43
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.33.6
Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
Resolves: rhbz#2412804
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 13 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.33.6-1
- Update to release v1.33.6
- Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
- Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
- Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
- Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
- Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
- Resolves: rhbz#2412804
- Upstream fixes
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.33.5-4
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398588 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398588
[ 2 ] Bug #2398849 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398849
[ 3 ] Bug #2399250 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399250
[ 4 ] Bug #2399523 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399523
[ 5 ] Bug #2407789 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407789
[ 6 ] Bug #2408059 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408059
[ 7 ] Bug #2408316 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408316
[ 8 ] Bug #2408610 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408610
[ 9 ] Bug #2408673 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408673
[ 10 ] Bug #2408731 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408731
[ 11 ] Bug #2409238 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409238
[ 12 ] Bug #2409528 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409528
[ 13 ] Bug #2409789 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409789
[ 14 ] Bug #2410203 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410203
[ 15 ] Bug #2410478 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410478
[ 16 ] Bug #2410739 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410739
[ 17 ] Bug #2411118 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411118
[ 18 ] Bug #2411377 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411377
[ 19 ] Bug #2412570 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412570
[ 20 ] Bug #2412589 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412589
[ 21 ] Bug #2412804 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412804
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-298add9246' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: kubernetes1.34-1.34.2-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f32b1debd8
2025-11-24 01:24:44.272863+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.34
Product : Fedora 43
Version : 1.34.2
Release : 1.fc43
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.34.2
Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524
Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611
Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529
Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740
Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636, rhbz#2412590
Resolves: rhbz#2412805
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 14 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.2-1
- Update to release v1.34.2
- Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524
- Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611
- Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529
- Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740
- Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636, rhbz#2412590
- Resolves: rhbz#2412805
- Upstream fixes
* Fri Nov 14 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.1-4
- Reorder CRI Recommends
- Update cri-o recommend with correct version information
- Reorder CRI as (for example): Recommends: (cri-o1.34 or containerd)
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.34.1-3
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398589 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398589
[ 2 ] Bug #2398850 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398850
[ 3 ] Bug #2399251 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399251
[ 4 ] Bug #2399524 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399524
[ 5 ] Bug #2407790 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407790
[ 6 ] Bug #2408060 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408060
[ 7 ] Bug #2408317 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408317
[ 8 ] Bug #2408611 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408611
[ 9 ] Bug #2408674 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408674
[ 10 ] Bug #2408732 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408732
[ 11 ] Bug #2409239 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409239
[ 12 ] Bug #2409529 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409529
[ 13 ] Bug #2409790 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409790
[ 14 ] Bug #2410204 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410204
[ 15 ] Bug #2410479 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410479
[ 16 ] Bug #2410740 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410740
[ 17 ] Bug #2411120 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411120
[ 18 ] Bug #2411378 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411378
[ 19 ] Bug #2411636 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411636
[ 20 ] Bug #2412590 - CVE-2025-58183 kubernetes1.34: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412590
[ 21 ] Bug #2412805 - CVE-2025-58183 kubernetes1.34: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412805
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f32b1debd8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------
