Chromium, Cri-O. Python-SocketIO updates for Fedora

Fedora Linux 9174 Published 2025-10-11 07:29 by Philipp Esselbach

News

Several security updates have been released for Fedora 41 and Fedora 42. The updates include chromium version 141.0.7390.65, which addresses several high and medium severity vulnerabilities, and cri-o versions 1.31-1.32.9 and 1.33-1.34.1, which address various issues related to the Kubernetes Container Runtime Interface. Additionally, a security update has been released for python-socketio version 5.14.1 on Fedora 42, which addresses several issues with Redis connections and client managers.

Fedora 41 Update: chromium-141.0.7390.65-1.fc41
Fedora 41 Update: cri-o1.33-1.33.5-1.fc41
Fedora 41 Update: cri-o1.31-1.31.13-1.fc41
Fedora 41 Update: cri-o1.32-1.32.9-1.fc41
Fedora 41 Update: cri-o1.34-1.34.1-1.fc41
Fedora 42 Update: python-socketio-5.14.1-1.fc42
Fedora 42 Update: chromium-141.0.7390.65-1.fc42
Fedora 42 Update: cri-o1.31-1.31.13-1.fc42
Fedora 42 Update: cri-o1.32-1.32.9-1.fc42
Fedora 42 Update: cri-o1.34-1.34.1-1.fc42
Fedora 42 Update: cri-o1.33-1.33.5-1.fc42

[SECURITY] Fedora 41 Update: chromium-141.0.7390.65-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ed59372bc2
2025-10-11 01:01:59.551910+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 41
Version : 141.0.7390.65
Release : 1.fc41
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 141.0.7390.65
* High CVE-2025-11458: Heap buffer overflow in Sync
* High CVE-2025-11460: Use after free in Storage
* Medium CVE-2025-11211: Out of bounds read in WebCodecs
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 8 2025 Than Ngo [than@redhat.com] - 141.0.7390.65-1
- Update to 141.0.7390.65
* High CVE-2025-11458: Heap buffer overflow in Sync
* High CVE-2025-11460: Use after free in Storage
* Medium CVE-2025-11211: Out of bounds read in WebCodecs
* Fri Oct 3 2025 Tom Stellard [tstellar@redhat.com] - 141.0.7390.54-2
- Fix build with clang-22
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ed59372bc2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: cri-o1.33-1.33.5-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3976569481
2025-10-11 01:01:59.551895+00:00
--------------------------------------------------------------------------------

Name : cri-o1.33
Product : Fedora 41
Version : 1.33.5
Release : 1.fc41
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.33.5
Resolves: rhbz#2333357, rhbz#2375096, rhbz#2398408, rhbz#2398663,
rhbz#2399065, rhbz#2399339
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.33.5-1
- Update to release v1.33.5
- Resolves: rhbz#2333357, rhbz#2375096, rhbz#2398408, rhbz#2398663,
rhbz#2399065, rhbz#2399339
- Upstream fixes
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2375096 - CVE-2025-4437 cri-o1.33: Large /etc/passwd file may lead to Denial of Service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2375096
[ 3 ] Bug #2398408 - CVE-2025-47910 cri-o1.33: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398408
[ 4 ] Bug #2398663 - CVE-2025-47910 cri-o1.33: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398663
[ 5 ] Bug #2399065 - CVE-2025-47906 cri-o1.33: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399065
[ 6 ] Bug #2399339 - CVE-2025-47906 cri-o1.33: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399339
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3976569481' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: cri-o1.31-1.31.13-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-09e80a938d
2025-10-11 01:01:59.551890+00:00
--------------------------------------------------------------------------------

Name : cri-o1.31
Product : Fedora 41
Version : 1.31.13
Release : 1.fc41
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.31.13
Resolves: rhbz#2333357, rhbz#2398406, rhbz#2398661, rhbz#2399063,
rhbz#2399337
Upstream fix
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.31.13-1
- Update to release v1.31.13
- Resolves: rhbz#2333357, rhbz#2398406, rhbz#2398661, rhbz#2399063,
rhbz#2399337
- Upstream fix
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2398406 - CVE-2025-47910 cri-o1.31: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398406
[ 3 ] Bug #2398661 - CVE-2025-47910 cri-o1.31: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398661
[ 4 ] Bug #2399063 - CVE-2025-47906 cri-o1.31: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399063
[ 5 ] Bug #2399337 - CVE-2025-47906 cri-o1.31: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399337
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-09e80a938d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: cri-o1.32-1.32.9-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e976788728
2025-10-11 01:01:59.551893+00:00
--------------------------------------------------------------------------------

Name : cri-o1.32
Product : Fedora 41
Version : 1.32.9
Release : 1.fc41
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release 1.32.9
Resolves: rhbz#2333357, rhbz#2398407, rhbz#2398662, rhbz#2399064,
rhbz#2399338
Upstream fix
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.9-1
- Update to release 1.32.9
- Resolves: rhbz#2333357, rhbz#2398407, rhbz#2398662, rhbz#2399064,
rhbz#2399338
- Upstream fix
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2398407 - CVE-2025-47910 cri-o1.32: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398407
[ 3 ] Bug #2398662 - CVE-2025-47910 cri-o1.32: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398662
[ 4 ] Bug #2399064 - CVE-2025-47906 cri-o1.32: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399064
[ 5 ] Bug #2399338 - CVE-2025-47906 cri-o1.32: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399338
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e976788728' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: cri-o1.34-1.34.1-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4f3ebd73fa
2025-10-11 01:01:59.551888+00:00
--------------------------------------------------------------------------------

Name : cri-o1.34
Product : Fedora 41
Version : 1.34.1
Release : 1.fc41
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.34.1
Resolves: rhbz#2333357, rhbz#2398409, rhbz#2398664, rhbz#2399066,
rhbz#2399340
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.1-1
- Update to release v1.34.1
- Resolves: rhbz#2333357, rhbz#2398409, rhbz#2398664, rhbz#2399066,
rhbz#2399340
- Upstream fixes
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2398409 - CVE-2025-47910 cri-o1.34: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398409
[ 3 ] Bug #2398664 - CVE-2025-47910 cri-o1.34: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398664
[ 4 ] Bug #2399066 - CVE-2025-47906 cri-o1.34: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399066
[ 5 ] Bug #2399340 - CVE-2025-47906 cri-o1.34: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399340
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4f3ebd73fa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: python-socketio-5.14.1-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-96c38634c7
2025-10-11 00:56:43.169085+00:00
--------------------------------------------------------------------------------

Name : python-socketio
Product : Fedora 42
Version : 5.14.1
Release : 1.fc42
URL : https://github.com/miguelgrinberg/python-socketio
Summary : Socket.IO server
Description :
Socket.IO is a transport protocol that enables real-time bidirectional
event-based communication between clients (typically, though not always, web
browsers) and a server. The official implementations of the client and server
components are written in JavaScript. This package provides Python
implementations of both, each with standard and asyncio variants.

--------------------------------------------------------------------------------
Update Information:

Release 5.14.1 - 2025-10-02
Restore support for rediss:// URLs, and add support for valkeys:// as well
Add support for Redis connections using unix sockets
Release 5.14.0 - 2025-09-30
Replace pickle with json in message queue communications
Add support for Valkey in the Redis client managers
Keep track of which namespaces failed to connect
Fixed transport property of the simple clients to be a string as documented
SimpleClient.call does not raise TimeoutError on timeout
Wait for client to end background tasks on disconnect
Better error logging for the Redis managers
Channel was not properly initialized in several pubsub client managers
Add message queue deployment recommendations for security
Add missing async on session examples for the async server
Add SPDX license identifier
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Packit [hello@packit.dev] - 5.14.1-1
- Update to 5.14.1 upstream release
- Resolves: rhbz#2401144
* Tue Sep 30 2025 Packit [hello@packit.dev] - 5.14.0-1
- Update to 5.14.0 upstream release
- Resolves: rhbz#2400545
* Fri Sep 19 2025 Python Maint - 5.13.0-7
- Rebuilt for Python 3.14.0rc3 bytecode
* Fri Aug 15 2025 Python Maint - 5.13.0-6
- Rebuilt for Python 3.14.0rc2 bytecode
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.13.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Fri Jun 27 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 5.13.0-4
- Re-enable uvicorn test dependency
* Thu Jun 12 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 5.13.0-3
- Omit tests that need uvicorn on Python 3.14 for now
- Fixes RHBZ#2372142
* Thu May 8 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 5.13.0-2
- F41+: Use the provisional pyproject declarative buildsystem
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2401144 - python-socketio-5.14.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2401144
[ 2 ] Bug #2401937 - CVE-2025-61765 python-socketio: python-socketio code execution (RCE) via pickle deserialization [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2401937
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-96c38634c7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: chromium-141.0.7390.65-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-10d67f6509
2025-10-11 00:56:43.169087+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 42
Version : 141.0.7390.65
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 141.0.7390.65
* High CVE-2025-11458: Heap buffer overflow in Sync
* High CVE-2025-11460: Use after free in Storage
* Medium CVE-2025-11211: Out of bounds read in WebCodecs
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 8 2025 Than Ngo [than@redhat.com] - 141.0.7390.65-1
- Update to 141.0.7390.65
* High CVE-2025-11458: Heap buffer overflow in Sync
* High CVE-2025-11460: Use after free in Storage
* Medium CVE-2025-11211: Out of bounds read in WebCodecs
* Fri Oct 3 2025 Tom Stellard [tstellar@redhat.com] - 141.0.7390.54-2
- Fix build with clang-22
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2402457 - CVE-2025-11458, CVE-2025-11460, CVE-2025-11211 - chromium security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2402457
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-10d67f6509' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: cri-o1.31-1.31.13-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-51d26ffda5
2025-10-11 00:56:43.169075+00:00
--------------------------------------------------------------------------------

Name : cri-o1.31
Product : Fedora 42
Version : 1.31.13
Release : 1.fc42
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.31.13
Resolves: rhbz#2333357, rhbz#2398406, rhbz#2398661, rhbz#2399063,
rhbz#2399337
Upstream fix
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.31.13-1
- Update to release v1.31.13
- Resolves: rhbz#2333357, rhbz#2398406, rhbz#2398661, rhbz#2399063,
rhbz#2399337
- Upstream fix
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2398406 - CVE-2025-47910 cri-o1.31: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398406
[ 3 ] Bug #2398661 - CVE-2025-47910 cri-o1.31: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398661
[ 4 ] Bug #2399063 - CVE-2025-47906 cri-o1.31: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399063
[ 5 ] Bug #2399337 - CVE-2025-47906 cri-o1.31: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399337
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-51d26ffda5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: cri-o1.32-1.32.9-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-37970906a8
2025-10-11 00:56:43.169072+00:00
--------------------------------------------------------------------------------

Name : cri-o1.32
Product : Fedora 42
Version : 1.32.9
Release : 1.fc42
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release 1.32.9
Resolves: rhbz#2333357, rhbz#2398407, rhbz#2398662, rhbz#2399064,
rhbz#2399338
Upstream fix
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.9-1
- Update to release 1.32.9
- Resolves: rhbz#2333357, rhbz#2398407, rhbz#2398662, rhbz#2399064,
rhbz#2399338
- Upstream fix
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2398407 - CVE-2025-47910 cri-o1.32: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398407
[ 3 ] Bug #2398662 - CVE-2025-47910 cri-o1.32: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398662
[ 4 ] Bug #2399064 - CVE-2025-47906 cri-o1.32: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399064
[ 5 ] Bug #2399338 - CVE-2025-47906 cri-o1.32: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399338
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-37970906a8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: cri-o1.34-1.34.1-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6d2a952fe1
2025-10-11 00:56:43.169067+00:00
--------------------------------------------------------------------------------

Name : cri-o1.34
Product : Fedora 42
Version : 1.34.1
Release : 1.fc42
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.34.1
Resolves: rhbz#2333357, rhbz#2398409, rhbz#2398664, rhbz#2399066,
rhbz#2399340
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.1-1
- Update to release v1.34.1
- Resolves: rhbz#2333357, rhbz#2398409, rhbz#2398664, rhbz#2399066,
rhbz#2399340
- Upstream fixes
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2398409 - CVE-2025-47910 cri-o1.34: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398409
[ 3 ] Bug #2398664 - CVE-2025-47910 cri-o1.34: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398664
[ 4 ] Bug #2399066 - CVE-2025-47906 cri-o1.34: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399066
[ 5 ] Bug #2399340 - CVE-2025-47906 cri-o1.34: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399340
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6d2a952fe1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: cri-o1.33-1.33.5-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-172ba9078e
2025-10-11 00:56:43.169070+00:00
--------------------------------------------------------------------------------

Name : cri-o1.33
Product : Fedora 42
Version : 1.33.5
Release : 1.fc42
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.33.5
Resolves: rhbz#2333357, rhbz#2375096, rhbz#2398408, rhbz#2398663,
rhbz#2399065, rhbz#2399339
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 2 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.33.5-1
- Update to release v1.33.5
- Resolves: rhbz#2333357, rhbz#2375096, rhbz#2398408, rhbz#2398663,
rhbz#2399065, rhbz#2399339
- Upstream fixes
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333357 - cri-o-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2333357
[ 2 ] Bug #2375096 - CVE-2025-4437 cri-o1.33: Large /etc/passwd file may lead to Denial of Service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2375096
[ 3 ] Bug #2398408 - CVE-2025-47910 cri-o1.33: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398408
[ 4 ] Bug #2398663 - CVE-2025-47910 cri-o1.33: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398663
[ 5 ] Bug #2399065 - CVE-2025-47906 cri-o1.33: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399065
[ 6 ] Bug #2399339 - CVE-2025-47906 cri-o1.33: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399339
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-172ba9078e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

Proton 10.0-3 RC released

Kernel update for RHEL 6

Chromium, Cri-O. Python-SocketIO updates for Fedora

[SECURITY] Fedora 41 Update: chromium-141.0.7390.65-1.fc41

[SECURITY] Fedora 41 Update: cri-o1.33-1.33.5-1.fc41

[SECURITY] Fedora 41 Update: cri-o1.31-1.31.13-1.fc41

[SECURITY] Fedora 41 Update: cri-o1.32-1.32.9-1.fc41

[SECURITY] Fedora 41 Update: cri-o1.34-1.34.1-1.fc41

[SECURITY] Fedora 42 Update: python-socketio-5.14.1-1.fc42

[SECURITY] Fedora 42 Update: chromium-141.0.7390.65-1.fc42

[SECURITY] Fedora 42 Update: cri-o1.31-1.31.13-1.fc42

[SECURITY] Fedora 42 Update: cri-o1.32-1.32.9-1.fc42

[SECURITY] Fedora 42 Update: cri-o1.34-1.34.1-1.fc42

[SECURITY] Fedora 42 Update: cri-o1.33-1.33.5-1.fc42

Windows

Linux

macOS

Community