
Security updates have been released for Fedora Linux, specifically affecting versions 42 and 43. The updates patch packages including Chromium, K9s, Kubernetes, Buildah, Podman, python-mkdocs-include-markdown-plugin, WebKitGTK, and others. Fedora 42 has seven security updates, and Fedora 41 and 43 each have two security updates for Kubernetes packages.

Fedora 42 Update: python-mkdocs-include-markdown-plugin-7.2.0-1.fc42
Fedora 42 Update: chromium-142.0.7444.175-2.fc42
Fedora 42 Update: k9s-0.50.16-2.fc42
Fedora 42 Update: kubernetes1.33-1.33.6-1.fc42
Fedora 42 Update: kubernetes1.34-1.34.2-1.fc42
Fedora 42 Update: buildah-1.42.1-1.fc42
Fedora 42 Update: podman-5.7.0-1.fc42
Fedora 41 Update: kubernetes1.33-1.33.6-1.fc41
Fedora 41 Update: kubernetes1.34-1.34.2-1.fc41
Fedora 43 Update: python-mkdocs-include-markdown-plugin-7.2.0-1.fc43
Fedora 43 Update: webkitgtk-2.50.2-1.fc43
Fedora 43 Update: k9s-0.50.16-2.fc43




[SECURITY] Fedora 42 Update: python-mkdocs-include-markdown-plugin-7.2.0-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cb26113de5
2025-11-25 01:34:32.166769+00:00
--------------------------------------------------------------------------------

Name : python-mkdocs-include-markdown-plugin
Product : Fedora 42
Version : 7.2.0
Release : 1.fc42
URL : https://github.com/mondeja/mkdocs-include-markdown-plugin
Summary : Mkdocs Markdown includer plugin
Description :
This package provides an Mkdocs Markdown includer plugin.

--------------------------------------------------------------------------------
Update Information:

v7.2.0
  New features
    - Add new argument "order" to sort multiple inclusions.
v7.1.8
  Bug fixes
    - Escape substitution placeholders to prevent malformed output in edge cases (CVE-2025-59940).
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 24 2025 Michel Lind [salimma@fedoraproject.org] - 7.2.0-1
- Update to 7.2.0
- Resolves: rhbz#2344045
- 7.1.8 fixes CVE-2025-59940; Resolves: rhbz#2400521
* Fri Sep 19 2025 Python Maint - 7.1.2-6
- Rebuilt for Python 3.14.0rc3 bytecode
* Fri Aug 15 2025 Python Maint - 7.1.2-5
- Rebuilt for Python 3.14.0rc2 bytecode
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 7.1.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jun 3 2025 Python Maint - 7.1.2-3
- Rebuilt for Python 3.14
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2400372 - CVE-2025-59940 mkdocs-include-markdown-plugin: mkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholders
https://bugzilla.redhat.com/show_bug.cgi?id=2400372
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cb26113de5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: chromium-142.0.7444.175-2.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-54b43715b6
2025-11-25 01:34:32.166762+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 42
Version : 142.0.7444.175
Release : 2.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 142.0.7444.175
  * High CVE-2025-13223: Type Confusion in V8
  * High CVE-2025-13224: Type Confusion in V8
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 19 2025 Than Ngo [than@redhat.com] - 142.0.7444.175-2
- Fix typos in chromium.conf
* Tue Nov 18 2025 Than Ngo [than@redhat.com] - 142.0.7444.175-1
- Update to 142.0.7444.175
  * High CVE-2025-13223: Type Confusion in V8
  * High CVE-2025-13224: Type Confusion in V8
* Sat Nov 15 2025 LuK1337 [priv.luk@gmail.com] - 142.0.7444.162-2
- Disable LensOverlay feature by default
* Thu Nov 13 2025 Mamoru TASAKA [mtasaka@fedoraproject.org] - 142.0.7444.162-2
- Rebuild for ffmpeg 8 again
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2413748 - [abrt] chromium: ImmediateCrash(): chromium-browser killed by SIGTRAP
https://bugzilla.redhat.com/show_bug.cgi?id=2413748
[ 2 ] Bug #2414369 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2414369
[ 3 ] Bug #2414371 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2414371
[ 4 ] Bug #2414374 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2414374
[ 5 ] Bug #2414376 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2414376
[ 6 ] Bug #2414378 - CVE-2025-12910 chromium: Inappropriate implementation in Passkeys [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2414378
[ 7 ] Bug #2414380 - CVE-2025-12908 chromium: Insufficient validation of untrusted input in Downloads [epel-10]
https://bugzilla.redhat.com/show_bug.cgi?id=2414380
[ 8 ] Bug #2414381 - CVE-2025-12908 chromium: Insufficient validation of untrusted input in Downloads [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2414381
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-54b43715b6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: k9s-0.50.16-2.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-fd56e115c0
2025-11-25 01:34:32.166732+00:00
--------------------------------------------------------------------------------

Name : k9s
Product : Fedora 42
Version : 0.50.16
Release : 2.fc42
URL : https://github.com/derailed/k9s
Summary : Kubernetes CLI To Manage Your Clusters In Style
Description :
Kubernetes CLI To Manage Your Clusters In Style!

--------------------------------------------------------------------------------
Update Information:

Rebuild to fix several CVEs in golang std.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2025 blinxen - 0.50.16-2
- Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2408051 - CVE-2025-58189 k9s: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408051
[ 2 ] Bug #2408667 - CVE-2025-61725 k9s: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408667
[ 3 ] Bug #2409520 - CVE-2025-61723 k9s: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409520
[ 4 ] Bug #2410470 - CVE-2025-58185 k9s: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410470
[ 5 ] Bug #2411369 - CVE-2025-58188 k9s: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411369
[ 6 ] Bug #2412797 - CVE-2025-58183 k9s: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412797
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-fd56e115c0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: kubernetes1.33-1.33.6-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-362709ff5e
2025-11-25 01:34:32.166694+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.33
Product : Fedora 42
Version : 1.33.6
Release : 1.fc42
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.33.6
Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
Resolves: rhbz#2412804
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 13 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.33.6-1
- Update to release v1.33.6
- Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
- Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
- Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
- Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
- Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
- Resolves: rhbz#2412804
- Upstream fixes
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.33.5-4
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398588 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398588
[ 2 ] Bug #2398849 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398849
[ 3 ] Bug #2399250 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399250
[ 4 ] Bug #2399523 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399523
[ 5 ] Bug #2407789 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407789
[ 6 ] Bug #2408059 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408059
[ 7 ] Bug #2408316 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408316
[ 8 ] Bug #2408610 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408610
[ 9 ] Bug #2408673 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408673
[ 10 ] Bug #2408731 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408731
[ 11 ] Bug #2409238 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409238
[ 12 ] Bug #2409528 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409528
[ 13 ] Bug #2409789 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409789
[ 14 ] Bug #2410203 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410203
[ 15 ] Bug #2410478 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410478
[ 16 ] Bug #2410739 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410739
[ 17 ] Bug #2411118 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411118
[ 18 ] Bug #2411377 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411377
[ 19 ] Bug #2412570 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412570
[ 20 ] Bug #2412589 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412589
[ 21 ] Bug #2412804 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412804
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-362709ff5e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: kubernetes1.34-1.34.2-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4c576d1bd9
2025-11-25 01:34:32.166692+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.34
Product : Fedora 42
Version : 1.34.2
Release : 1.fc42
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.34.2
Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524
Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611
Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529
Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740
Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636, rhbz#2412590
Resolves: rhbz#2412805
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 14 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.2-1
- Update to release v1.34.2
- Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524
- Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611
- Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529
- Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740
- Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636, rhbz#2412590
- Resolves: rhbz#2412805
- Upstream fixes
* Fri Nov 14 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.1-4
- Reorder CRI Recommends
- Update cri-o recommend with correct version information
- Reorder CRI as (for example): Recommends: (cri-o1.34 or containerd)
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.34.1-3
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398589 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398589
[ 2 ] Bug #2398850 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398850
[ 3 ] Bug #2399251 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399251
[ 4 ] Bug #2399524 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399524
[ 5 ] Bug #2407790 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407790
[ 6 ] Bug #2408060 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408060
[ 7 ] Bug #2408317 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408317
[ 8 ] Bug #2408611 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408611
[ 9 ] Bug #2408674 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408674
[ 10 ] Bug #2408732 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408732
[ 11 ] Bug #2409239 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409239
[ 12 ] Bug #2409529 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409529
[ 13 ] Bug #2409790 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409790
[ 14 ] Bug #2410204 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410204
[ 15 ] Bug #2410479 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410479
[ 16 ] Bug #2410740 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410740
[ 17 ] Bug #2411120 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411120
[ 18 ] Bug #2411378 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411378
[ 19 ] Bug #2411636 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411636
[ 20 ] Bug #2412590 - CVE-2025-58183 kubernetes1.34: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412590
[ 21 ] Bug #2412805 - CVE-2025-58183 kubernetes1.34: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412805
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4c576d1bd9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: buildah-1.42.1-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8a248ee4f4
2025-11-25 01:34:32.166658+00:00
--------------------------------------------------------------------------------

Name : buildah
Product : Fedora 42
Version : 1.42.1
Release : 1.fc42
URL : https://buildah.io
Summary : A command line tool used for creating OCI Images
Description :
The buildah package provides a command line tool which can be used to
* create a working container from scratch
or
* create a working container from an image as a starting point
* mount/umount a working container's root file system for manipulation
* save container's root file system layer to create a new image
* delete a working container or an image

--------------------------------------------------------------------------------
Update Information:

Automatic update for podman-5.7.0-1.fc42, buildah-1.42.1-1.fc42.
Changelog for podman
* Tue Nov 11 2025 Packit [hello@packit.dev] - 5:5.7.0-1
- Update to 5.7.0 upstream release
* Thu Oct 30 2025 Packit [hello@packit.dev] - 5:5.7.0~rc2-1
- Update to 5.7.0-rc2 upstream release
* Tue Oct 28 2025 Lokesh Mandvekar [lsm5@redhat.com] - 5:5.7.0~rc1-1
- bump to v5.7.0-rc1
Changelog for buildah
* Tue Nov 11 2025 Packit [hello@packit.dev] - 2:1.42.1-1
- Update to 1.42.1 upstream release
* Mon Nov 03 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-3
- Rebuild for CVE fixes
* Thu Oct 23 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-2
- cleanup changelog
* Wed Oct 22 2025 Packit [hello@packit.dev] - 2:1.42.0-1
- Update to 1.42.0 upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Packit [hello@packit.dev] - 2:1.42.1-1
- Update to 1.42.1 upstream release
* Mon Nov 3 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-3
- Rebuild for CVE fixes
* Thu Oct 23 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-2
- cleanup changelog
* Wed Oct 22 2025 Packit [hello@packit.dev] - 2:1.42.0-1
- Update to 1.42.0 upstream release
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407848 - CVE-2025-58189 buildah: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407848
[ 2 ] Bug #2408084 - CVE-2025-58189 podman: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408084
[ 3 ] Bug #2408629 - CVE-2025-61725 buildah: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408629
[ 4 ] Bug #2408684 - CVE-2025-61725 podman: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408684
[ 5 ] Bug #2409315 - CVE-2025-61723 buildah: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409315
[ 6 ] Bug #2409554 - CVE-2025-61723 podman: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409554
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8a248ee4f4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: podman-5.7.0-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8a248ee4f4
2025-11-25 01:34:32.166658+00:00
--------------------------------------------------------------------------------

Name : podman
Product : Fedora 42
Version : 5.7.0
Release : 1.fc42
URL : https://podman.io/
Summary : Manage Pods, Containers and Container Images
Description :
podman (Pod Manager) is a fully featured container engine that is a simple
daemonless tool. podman provides a Docker-CLI comparable command line that
eases the transition from other container engines and allows the management of
pods, containers and images. Simply put: alias docker=podman.
Most podman commands can be run as a regular user, without requiring
additional privileges.

podman uses Buildah(1) internally to create container images.
Both tools share image (not container) storage, hence each can use or
manipulate images (but not containers) created by the other.

--------------------------------------------------------------------------------
Update Information:

Automatic update for podman-5.7.0-1.fc42, buildah-1.42.1-1.fc42.
Changelog for podman
* Tue Nov 11 2025 Packit [hello@packit.dev] - 5:5.7.0-1
- Update to 5.7.0 upstream release
* Thu Oct 30 2025 Packit [hello@packit.dev] - 5:5.7.0~rc2-1
- Update to 5.7.0-rc2 upstream release
* Tue Oct 28 2025 Lokesh Mandvekar [lsm5@redhat.com] - 5:5.7.0~rc1-1
- bump to v5.7.0-rc1
Changelog for buildah
* Tue Nov 11 2025 Packit [hello@packit.dev] - 2:1.42.1-1
- Update to 1.42.1 upstream release
* Mon Nov 03 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-3
- Rebuild for CVE fixes
* Thu Oct 23 2025 Lokesh Mandvekar [lsm5@redhat.com] - 2:1.42.0-2
- cleanup changelog
* Wed Oct 22 2025 Packit [hello@packit.dev] - 2:1.42.0-1
- Update to 1.42.0 upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Packit [hello@packit.dev] - 5:5.7.0-1
- Update to 5.7.0 upstream release
* Thu Oct 30 2025 Packit [hello@packit.dev] - 5:5.7.0~rc2-1
- Update to 5.7.0-rc2 upstream release
* Tue Oct 28 2025 Lokesh Mandvekar [lsm5@redhat.com] - 5:5.7.0~rc1-1
- bump to v5.7.0-rc1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407848 - CVE-2025-58189 buildah: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407848
[ 2 ] Bug #2408084 - CVE-2025-58189 podman: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408084
[ 3 ] Bug #2408629 - CVE-2025-61725 buildah: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408629
[ 4 ] Bug #2408684 - CVE-2025-61725 podman: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408684
[ 5 ] Bug #2409315 - CVE-2025-61723 buildah: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409315
[ 6 ] Bug #2409554 - CVE-2025-61723 podman: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409554
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8a248ee4f4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: kubernetes1.33-1.33.6-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e282b00383
2025-11-25 01:20:41.228737+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.33
Product : Fedora 41
Version : 1.33.6
Release : 1.fc41
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.33.6
Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
Resolves: rhbz#2412804
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 13 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.33.6-1
- Update to release v1.33.6
- Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
- Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
- Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
- Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
- Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
- Resolves: rhbz#2412804
- Upstream fixes
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.33.5-4
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398588 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398588
[ 2 ] Bug #2398849 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398849
[ 3 ] Bug #2399250 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399250
[ 4 ] Bug #2399523 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399523
[ 5 ] Bug #2407789 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407789
[ 6 ] Bug #2408059 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408059
[ 7 ] Bug #2408316 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408316
[ 8 ] Bug #2408610 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408610
[ 9 ] Bug #2408673 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408673
[ 10 ] Bug #2408731 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408731
[ 11 ] Bug #2409238 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409238
[ 12 ] Bug #2409528 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409528
[ 13 ] Bug #2409789 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409789
[ 14 ] Bug #2410203 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410203
[ 15 ] Bug #2410478 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410478
[ 16 ] Bug #2410739 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410739
[ 17 ] Bug #2411118 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411118
[ 18 ] Bug #2411377 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411377
[ 19 ] Bug #2412570 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412570
[ 20 ] Bug #2412589 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412589
[ 21 ] Bug #2412804 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412804
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e282b00383' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: kubernetes1.34-1.34.2-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ebce31df24
2025-11-25 01:20:41.228735+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.34
Product : Fedora 41
Version : 1.34.2
Release : 1.fc41
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.34.2
Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524
Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611
Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529
Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740
Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636, rhbz#2412590
Resolves: rhbz#2412805
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 14 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.2-1
- Update to release v1.34.2
- Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524
- Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611
- Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529
- Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740
- Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636, rhbz#2412590
- Resolves: rhbz#2412805
- Upstream fixes
* Fri Nov 14 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.1-4
- Reorder CRI Recommends
- Update cri-o recommend with correct version information
- Reorder CRI as (for example): Recommends: (cri-o1.34 or containerd)
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.34.1-3
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398589 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398589
[ 2 ] Bug #2398850 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398850
[ 3 ] Bug #2399251 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399251
[ 4 ] Bug #2399524 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399524
[ 5 ] Bug #2407790 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407790
[ 6 ] Bug #2408060 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408060
[ 7 ] Bug #2408317 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408317
[ 8 ] Bug #2408611 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408611
[ 9 ] Bug #2408674 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408674
[ 10 ] Bug #2408732 - CVE-2025-61725 kubernetes1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408732
[ 11 ] Bug #2409239 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409239
[ 12 ] Bug #2409529 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409529
[ 13 ] Bug #2409790 - CVE-2025-61723 kubernetes1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409790
[ 14 ] Bug #2410204 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410204
[ 15 ] Bug #2410479 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410479
[ 16 ] Bug #2410740 - CVE-2025-58185 kubernetes1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410740
[ 17 ] Bug #2411120 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411120
[ 18 ] Bug #2411378 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411378
[ 19 ] Bug #2411636 - CVE-2025-58188 kubernetes1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411636
[ 20 ] Bug #2412590 - CVE-2025-58183 kubernetes1.34: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412590
[ 21 ] Bug #2412805 - CVE-2025-58183 kubernetes1.34: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412805
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ebce31df24' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: python-mkdocs-include-markdown-plugin-7.2.0-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1b1bb708af
2025-11-25 01:06:48.342007+00:00
--------------------------------------------------------------------------------

Name : python-mkdocs-include-markdown-plugin
Product : Fedora 43
Version : 7.2.0
Release : 1.fc43
URL : https://github.com/mondeja/mkdocs-include-markdown-plugin
Summary : Mkdocs Markdown includer plugin
Description :
This package provides an Mkdocs Markdown includer plugin.

--------------------------------------------------------------------------------
Update Information:

v7.2.0
New features
Add new argument order to sort multiple inclusions.
v7.1.8
Bug fixes
Escape substitution placeholders to prevent malformed output in edge cases.
(CVE-2025-59940)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 24 2025 Michel Lind [salimma@fedoraproject.org] - 7.2.0-1
- Update to 7.2.0
- Resolves: rhbz#2344045
- 7.1.8 fixes CVE-2025-59940; Resolves: rhbz#2400521
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2400372 - CVE-2025-59940 mkdocs-include-markdown-plugin: mkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholders
https://bugzilla.redhat.com/show_bug.cgi?id=2400372
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1b1bb708af' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: webkitgtk-2.50.2-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f3e9e3af6
2025-11-25 01:06:48.341994+00:00
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 43
Version : 2.50.2
Release : 1.fc43
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Prevent unsafe URI schemes from participating in media playback.
Make jsc_value_array_buffer_get_data() function introspectable.
Fix logging in to Google accounts that have a WebAuthn second factor configured.
Fix loading webkit://gpu when there are no threads configured for GPU rendering.
Fix rendering gradients that use the CSS hue interpolation method.
Fix pasting image data from the clipboard.
Fix font-family selection when the font name contains spaces.
Fix capturing canvas snapshots in the Web Inspector.
Fix several crashes and rendering issues.
2.50.2 CVE fixes: CVE-2023-43000, CVE-2025-43392, CVE-2025-43419,
CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431,
CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443, CVE-2025-43480
This Fedora update additionally fixes CVE-2025-43421 via a downstream patch.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 21 2025 Michael Catanzaro [mcatanzaro@redhat.com] - 2.50.2-1
- Update to 2.50.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2403627 - CVE-2025-43343 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2403627
[ 2 ] Bug #2416362 - CVE-2023-43000 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2416362
[ 3 ] Bug #2416363 - CVE-2023-43000 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2416363
[ 4 ] Bug #2416369 - CVE-2025-43392 webkitgtk: A website may exfiltrate image data cross-origin [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2416369
[ 5 ] Bug #2416370 - CVE-2025-43392 webkitgtk: A website may exfiltrate image data cross-origin [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2416370
[ 6 ] Bug #2416375 - CVE-2025-43419 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2416375
[ 7 ] Bug #2416376 - CVE-2025-43419 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2416376
[ 8 ] Bug #2416381 - CVE-2025-43425 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2416381
[ 9 ] Bug #2416382 - CVE-2025-43425 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2416382
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f3e9e3af6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: k9s-0.50.16-2.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-30806907c2
2025-11-25 01:06:48.341950+00:00
--------------------------------------------------------------------------------

Name : k9s
Product : Fedora 43
Version : 0.50.16
Release : 2.fc43
URL : https://github.com/derailed/k9s
Summary : Kubernetes CLI To Manage Your Clusters In Style
Description :
Kubernetes CLI To Manage Your Clusters In Style!

--------------------------------------------------------------------------------
Update Information:

Rebuild to fix several CVEs in golang std.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2025 blinxen - 0.50.16-2
- Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2408309 - CVE-2025-58189 k9s: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408309
[ 2 ] Bug #2408726 - CVE-2025-61725 k9s: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408726
[ 3 ] Bug #2409782 - CVE-2025-61723 k9s: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409782
[ 4 ] Bug #2410732 - CVE-2025-58185 k9s: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410732
[ 5 ] Bug #2411628 - CVE-2025-58188 k9s: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411628
[ 6 ] Bug #2412583 - CVE-2025-58183 k9s: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412583
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-30806907c2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--