Several security updates have been released for Fedora Linux, affecting various versions including Fedora 43 and 42. The updates include patches for Kubernetes, cri-o, dovecot, dotnet, and linux-firmware among others. These updates aim to enhance the security of Fedora Linux systems by addressing potential vulnerabilities. Users are advised to check their system's version and apply any necessary updates.

Fedora 43 Update: kubernetes1.31-1.31.14-1.fc43
Fedora 43 Update: cri-o1.33-1.33.6-1.fc43
Fedora 43 Update: cri-o1.34-1.34.2-1.fc43
Fedora 43 Update: cri-o1.32-1.32.10-1.fc43
Fedora 43 Update: dovecot-2.4.1-8.fc43
Fedora 42 Update: dotnet10.0-10.0.100-1.fc42
Fedora 42 Update: linux-firmware-20251111-1.fc42
Fedora 42 Update: kubernetes1.32-1.32.10-2.fc42
Fedora 42 Update: kubernetes1.31-1.31.14-1.fc42
Fedora 42 Update: cri-o1.34-1.34.2-1.fc42
Fedora 42 Update: cri-o1.32-1.32.10-1.fc42
Fedora 41 Update: dotnet10.0-10.0.100-1.fc41
Fedora 41 Update: kubernetes1.31-1.31.14-1.fc41
Fedora 41 Update: gopass-hibp-1.16.0-1.fc41
Fedora 41 Update: cri-o1.34-1.34.2-1.fc41
Fedora 41 Update: cri-o1.32-1.32.10-1.fc41

[SECURITY] Fedora 43 Update: kubernetes1.31-1.31.14-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-5a4555eabc
2025-11-22 01:28:46.754123+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.31
Product : Fedora 43
Version : 1.31.14
Release : 1.fc43
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.31.14
Resolves: rhbz#2398586, rhbz#2398847, rhbz#2399248, rhbz#2399521
Resolves: rhbz#2399702, rhbz#2399720, rhbz#2407787, rhbz#2408057
Resolves: rhbz#2408314, rhbz#2408608, rhbz#2408671, rhbz#2408729
Resolves: rhbz#2409236, rhbz#2409526, rhbz#2409787, rhbz#2410201
Resolves: rhbz#2410476, rhbz#2410737, rhbz#2411116, rhbz#2411375
Resolves: rhbz#2411633, rhbz#2412568, rhbz#2412587, rhbz#2412802
Upstream fixes.
Likely last release of Kubernetes 1.31
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.31.14-1
- Update to release v1.31.14
- Resolves: rhbz#2398586, rhbz#2398847, rhbz#2399248, rhbz#2399521
- Resolves: rhbz#2399702, rhbz#2399720, rhbz#2407787, rhbz#2408057
- Resolves: rhbz#2408314, rhbz#2408608, rhbz#2408671, rhbz#2408729
- Resolves: rhbz#2409236, rhbz#2409526, rhbz#2409787, rhbz#2410201
- Resolves: rhbz#2410476, rhbz#2410737, rhbz#2411116, rhbz#2411375
- Resolves: rhbz#2411633, rhbz#2412568, rhbz#2412587, rhbz#2412802
- Upstream fixes.
- Likely last release of Kubernetes 1.31
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 1.31.13-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398586 - CVE-2025-47910 kubernetes1.31: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398586
[ 2 ] Bug #2398847 - CVE-2025-47910 kubernetes1.31: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398847
[ 3 ] Bug #2399248 - CVE-2025-47906 kubernetes1.31: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399248
[ 4 ] Bug #2399521 - CVE-2025-47906 kubernetes1.31: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399521
[ 5 ] Bug #2399702 - CVE-2025-11065 kubernetes1.31: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399702
[ 6 ] Bug #2399720 - CVE-2025-11065 kubernetes1.31: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399720
[ 7 ] Bug #2407787 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407787
[ 8 ] Bug #2408057 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408057
[ 9 ] Bug #2408314 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408314
[ 10 ] Bug #2408608 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408608
[ 11 ] Bug #2408671 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408671
[ 12 ] Bug #2408729 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408729
[ 13 ] Bug #2409236 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409236
[ 14 ] Bug #2409526 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409526
[ 15 ] Bug #2409787 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409787
[ 16 ] Bug #2410201 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410201
[ 17 ] Bug #2410476 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410476
[ 18 ] Bug #2410737 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410737
[ 19 ] Bug #2411116 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411116
[ 20 ] Bug #2411375 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411375
[ 21 ] Bug #2411633 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411633
[ 22 ] Bug #2412568 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412568
[ 23 ] Bug #2412587 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412587
[ 24 ] Bug #2412802 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412802
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-5a4555eabc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 43 Update: cri-o1.33-1.33.6-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b339c2eaad
2025-11-22 01:28:46.754053+00:00
--------------------------------------------------------------------------------

Name : cri-o1.33
Product : Fedora 43
Version : 1.33.6
Release : 1.fc43
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release 1.33.6
Resolves: rhbz#2407594, rhbz#2407865, rhbz#2408141, rhbz#2408575
Resolves: rhbz#2408639, rhbz#2408702, rhbz#2409049, rhbz#2409332
Resolves: rhbz#2409611, rhbz#2409997, rhbz#2410284, rhbz#2410562
Resolves: rhbz#2410929, rhbz#2411197, rhbz#2411460, rhbz#2412525
Resolves: rhbz#2412677, rhbz#2412757
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.33.6-1
- Update to release 1.33.6
- Resolves: rhbz#2407594, rhbz#2407865, rhbz#2408141, rhbz#2408575
- Resolves: rhbz#2408639, rhbz#2408702, rhbz#2409049, rhbz#2409332
- Resolves: rhbz#2409611, rhbz#2409997, rhbz#2410284, rhbz#2410562
- Resolves: rhbz#2410929, rhbz#2411197, rhbz#2411460, rhbz#2412525
- Resolves: rhbz#2412677, rhbz#2412757
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.33.5-2
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407594 - CVE-2025-58189 cri-o1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407594
[ 2 ] Bug #2407865 - CVE-2025-58189 cri-o1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407865
[ 3 ] Bug #2408141 - CVE-2025-58189 cri-o1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408141
[ 4 ] Bug #2408575 - CVE-2025-61725 cri-o1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408575
[ 5 ] Bug #2408639 - CVE-2025-61725 cri-o1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408639
[ 6 ] Bug #2408702 - CVE-2025-61725 cri-o1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408702
[ 7 ] Bug #2409049 - CVE-2025-61723 cri-o1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409049
[ 8 ] Bug #2409332 - CVE-2025-61723 cri-o1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409332
[ 9 ] Bug #2409611 - CVE-2025-61723 cri-o1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409611
[ 10 ] Bug #2409997 - CVE-2025-58185 cri-o1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409997
[ 11 ] Bug #2410284 - CVE-2025-58185 cri-o1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410284
[ 12 ] Bug #2410562 - CVE-2025-58185 cri-o1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410562
[ 13 ] Bug #2410929 - CVE-2025-58188 cri-o1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410929
[ 14 ] Bug #2411197 - CVE-2025-58188 cri-o1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411197
[ 15 ] Bug #2411460 - CVE-2025-58188 cri-o1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411460
[ 16 ] Bug #2412525 - CVE-2025-58183 cri-o1.33: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412525
[ 17 ] Bug #2412677 - CVE-2025-58183 cri-o1.33: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412677
[ 18 ] Bug #2412757 - CVE-2025-58183 cri-o1.33: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412757
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b339c2eaad' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 43 Update: cri-o1.34-1.34.2-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-723e0fd8bd
2025-11-22 01:28:46.754050+00:00
--------------------------------------------------------------------------------

Name : cri-o1.34
Product : Fedora 43
Version : 1.34.2
Release : 1.fc43
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release 1.34.2
Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577
Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333
Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563
Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526
Resolves: rhbz#2412678, rhbz#2412758
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.2-1
- Update to release 1.34.2
- Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577
- Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333
- Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563
- Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526
- Resolves: rhbz#2412678, rhbz#2412758
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.34.1-2
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407595 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407595
[ 2 ] Bug #2407866 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407866
[ 3 ] Bug #2408142 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408142
[ 4 ] Bug #2408577 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408577
[ 5 ] Bug #2408640 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408640
[ 6 ] Bug #2408703 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408703
[ 7 ] Bug #2409050 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409050
[ 8 ] Bug #2409333 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409333
[ 9 ] Bug #2409612 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409612
[ 10 ] Bug #2409998 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409998
[ 11 ] Bug #2410285 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410285
[ 12 ] Bug #2410563 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410563
[ 13 ] Bug #2410930 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410930
[ 14 ] Bug #2411198 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411198
[ 15 ] Bug #2411461 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411461
[ 16 ] Bug #2412526 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412526
[ 17 ] Bug #2412678 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412678
[ 18 ] Bug #2412758 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412758
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-723e0fd8bd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 43 Update: cri-o1.32-1.32.10-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a246780676
2025-11-22 01:28:46.754044+00:00
--------------------------------------------------------------------------------

Name : cri-o1.32
Product : Fedora 43
Version : 1.32.10
Release : 1.fc43
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.32.10
Resolves: rhbz#2407593, rhbz#2407864, rhbz#2408140, rhbz#2408571
Resolves: rhbz#2408638, rhbz#2408701, rhbz#2409048, rhbz#2409331
Resolves: rhbz#2409610, rhbz#2409996, rhbz#2410283, rhbz#2410561
Resolves: rhbz#2410928, rhbz#2411196, rhbz#2411459, rhbz#2412524
Resolves: rhbz#2412676, rhbz#2412756
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.10-1
- Update to release v1.32.10
- Resolves: rhbz#2407593, rhbz#2407864, rhbz#2408140, rhbz#2408571
- Resolves: rhbz#2408638, rhbz#2408701, rhbz#2409048, rhbz#2409331
- Resolves: rhbz#2409610, rhbz#2409996, rhbz#2410283, rhbz#2410561
- Resolves: rhbz#2410928, rhbz#2411196, rhbz#2411459, rhbz#2412524
- Resolves: rhbz#2412676, rhbz#2412756
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 1.32.9-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407593 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407593
[ 2 ] Bug #2407864 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407864
[ 3 ] Bug #2408140 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408140
[ 4 ] Bug #2408571 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408571
[ 5 ] Bug #2408638 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408638
[ 6 ] Bug #2408701 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408701
[ 7 ] Bug #2409048 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409048
[ 8 ] Bug #2409331 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409331
[ 9 ] Bug #2409610 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409610
[ 10 ] Bug #2409996 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409996
[ 11 ] Bug #2410283 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410283
[ 12 ] Bug #2410561 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410561
[ 13 ] Bug #2410928 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410928
[ 14 ] Bug #2411196 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411196
[ 15 ] Bug #2411459 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411459
[ 16 ] Bug #2412524 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412524
[ 17 ] Bug #2412676 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412676
[ 18 ] Bug #2412756 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412756
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a246780676' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 43 Update: dovecot-2.4.1-8.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e491c93405
2025-11-22 01:28:46.754010+00:00
--------------------------------------------------------------------------------

Name : dovecot
Product : Fedora 43
Version : 2.4.1
Release : 8.fc43
URL : https://www.dovecot.org/
Summary : Secure imap and pop3 server
Description :
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security
primarily in mind. It also contains a small POP3 server. It supports mail
in either of maildir or mbox formats.

The SQL drivers and authentication plug-ins are in their subpackages.

--------------------------------------------------------------------------------
Update Information:

fixes CVE-2025-30189
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 5 2025 Michal Hlavinka [mhlavink@redhat.com] - 1:2.4.1-8
- update patch for CVE-2025-30189
* Wed Oct 15 2025 Michal Hlavinka [mhlavink@redhat.com] - 1:2.4.1-7
- enable fts flatcurve
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e491c93405' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: dotnet10.0-10.0.100-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-aaa5764dc9
2025-11-22 01:11:37.542902+00:00
--------------------------------------------------------------------------------

Name : dotnet10.0
Product : Fedora 42
Version : 10.0.100
Release : 1.fc42
URL : https://github.com/dotnet/
Summary : .NET 10.0 Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the .NET 10 GA update
Update .NEt 10 to RC 2
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Omair Majid [omajid@redhat.com] - 10.0.100-1
- Update to .NET SDK 10.0.100 and Runtime 10.0.0
* Sun Nov 2 2025 Omair Majid [omajid@redhat.com] - 10.0.100~rc.2.25502.107-0.10
- Update to .NET SDK 10.0.100-rc.2.25502.107 and Runtime 10.0.0-rc.2.25502.107
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-aaa5764dc9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: linux-firmware-20251111-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ecd9a3485b
2025-11-22 01:11:37.542904+00:00
--------------------------------------------------------------------------------

Name : linux-firmware
Product : Fedora 42
Version : 20251111
Release : 1.fc42
URL : http://www.kernel.org/
Summary : Firmware files used by the Linux kernel
Description :
This package includes firmware files required for some devices to
operate.

--------------------------------------------------------------------------------
Update Information:

Upstream linux-firmware 20251111 release:
rtl_bt: Update RTL8922A BT USB firmware to 0x41C0_C905
add firmware for mt7987 internal 2.5G ethernet phy
rtw88: 8822b: Update firmware to v30.20.0
rtl_nic: add firmware rtl8125k-1
ASoC: tas2781: Update dsp firmware for HP and ASUS projects
amdgpu: DMCUB updates for various ASICs
qcom: add SOCCP firmware for kaanapali platform
xe: Update GUC to v70.53.0 for BMG, LNL, PTL
i915: Update GUC to v70.53.0 for DG2, MTL
rtw89: 8851b: update fw to v0.29.41.5
rtw89: 8852b: update fw to v0.29.128.0 with format suffix -2
rtw89: 8852b: update fw to v0.29.29.14
rtw89: 8852bt: update fw to v0.29.127.0 with format suffix -1
Update firmware file for Intel BlazarI/BlazarU core
Create audio folder in ti folder, and move all the audio firmwares into it
amdgpu: DMCUB updates for various ASICs
Update AMD cpu microcode
mediatek MT7925: update bluetooth firmware to 20251015213201
rtl_bt: Add firmware and config files for RTL8761CUV
Update AMD cpu microcode
qcom: add ADSP firmware for kaanapali platform
amdgpu: DMCUB updates for various ASICs
mediatek MT7920: update bluetooth firmware to 20251020151255
update firmware for MT7920/MT7922/MT7925 WiFi device
amd-ucode: Fix minimum revisions in README
cirrus: cs35l41: Rename various Asus Laptop firmware files to not have Speaker
ID
mediatek MT7922: update bluetooth firmware to 20251020143443
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2025 Peter Robinson [pbrobinson@fedoraproject.org] - 20251111-1
- Update to 20251111
- rtl_bt: Update RTL8922A BT USB firmware to 0x41C0_C905
- add firmware for mt7987 internal 2.5G ethernet phy
- rtw88: 8822b: Update firmware to v30.20.0
- rtl_nic: add firmware rtl8125k-1
- ASoC: tas2781: Update dsp firmware for HP and ASUS projects
- amdgpu: DMCUB updates for various ASICs
- qcom: add SOCCP firmware for kaanapali platform
- xe: Update GUC to v70.53.0 for BMG, LNL, PTL
- i915: Update GUC to v70.53.0 for DG2, MTL
- rtw89: 8851b: update fw to v0.29.41.5
- rtw89: 8852b: update fw to v0.29.128.0 with format suffix -2
- rtw89: 8852b: update fw to v0.29.29.14
- rtw89: 8852bt: update fw to v0.29.127.0 with format suffix -1
- Update firmware file for Intel BlazarI/BlazarU core
- Create audio folder in ti folder, and move all the audio firmwares into it
- amdgpu: DMCUB updates for various ASICs
- Update AMD cpu microcode
- mediatek MT7925: update bluetooth firmware to 20251015213201
- rtl_bt: Add firmware and config files for RTL8761CUV
- Update AMD cpu microcode
- qcom: add ADSP firmware for kaanapali platform
- amdgpu: DMCUB updates for various ASICs
- mediatek MT7920: update bluetooth firmware to 20251020151255
- update firmware for MT7920/MT7922/MT7925 WiFi device
- amd-ucode: Fix minimum revisions in README
- cirrus: cs35l41: Rename various Asus Laptop firmware files to not have Speaker ID
- mediatek MT7922: update bluetooth firmware to 20251020143443
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ecd9a3485b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: kubernetes1.32-1.32.10-2.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0131063534
2025-11-22 01:11:37.542899+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.32
Product : Fedora 42
Version : 1.32.10
Release : 2.fc42
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.32.10
Resolves: rhbz#2414539
Resolves: rhbz#2398587, rhbz#2398848, rhbz#2399249, rhbz#2399522
Resolves: rhbz#2399703, rhbz#2399721, rhbz#2407788, rhbz#2408058
Resolves: rhbz#2408315, rhbz#2408609, rhbz#2408672, rhbz#2408730
Resolves: rhbz#2409237, rhbz#2409527, rhbz#2409788, rhbz#2410202
Resolves: rhbz#2410477, rhbz#2410738, rhbz#2411117, rhbz#2411376
Resolves: rhbz#2411634, rhbz#2412569, rhbz#2412588, rhbz#2412803
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.10-1
- Update to release v1.32.10
- Resolves: rhbz#2414539
- Resolves: rhbz#2398587, rhbz#2398848, rhbz#2399249, rhbz#2399522
- Resolves: rhbz#2399703, rhbz#2399721, rhbz#2407788, rhbz#2408058
- Resolves: rhbz#2408315, rhbz#2408609, rhbz#2408672, rhbz#2408730
- Resolves: rhbz#2409237, rhbz#2409527, rhbz#2409788, rhbz#2410202
- Resolves: rhbz#2410477, rhbz#2410738, rhbz#2411117, rhbz#2411376
- Resolves: rhbz#2411634, rhbz#2412569, rhbz#2412588, rhbz#2412803
- Upstream fixes
* Wed Nov 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.9-2
- Revise template
- Remove transition artifacts - from non-versioned kubernetes
- Remove unneeded network rpms
- Remove duplicate requires
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398587 - CVE-2025-47910 kubernetes1.32: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398587
[ 2 ] Bug #2398848 - CVE-2025-47910 kubernetes1.32: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398848
[ 3 ] Bug #2399249 - CVE-2025-47906 kubernetes1.32: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399249
[ 4 ] Bug #2399522 - CVE-2025-47906 kubernetes1.32: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399522
[ 5 ] Bug #2399703 - CVE-2025-11065 kubernetes1.32: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399703
[ 6 ] Bug #2399721 - CVE-2025-11065 kubernetes1.32: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399721
[ 7 ] Bug #2407788 - CVE-2025-58189 kubernetes1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407788
[ 8 ] Bug #2408058 - CVE-2025-58189 kubernetes1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408058
[ 9 ] Bug #2408315 - CVE-2025-58189 kubernetes1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408315
[ 10 ] Bug #2408609 - CVE-2025-61725 kubernetes1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408609
[ 11 ] Bug #2408672 - CVE-2025-61725 kubernetes1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408672
[ 12 ] Bug #2408730 - CVE-2025-61725 kubernetes1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408730
[ 13 ] Bug #2409237 - CVE-2025-61723 kubernetes1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409237
[ 14 ] Bug #2409527 - CVE-2025-61723 kubernetes1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409527
[ 15 ] Bug #2409788 - CVE-2025-61723 kubernetes1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409788
[ 16 ] Bug #2410202 - CVE-2025-58185 kubernetes1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410202
[ 17 ] Bug #2410477 - CVE-2025-58185 kubernetes1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410477
[ 18 ] Bug #2410738 - CVE-2025-58185 kubernetes1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410738
[ 19 ] Bug #2411117 - CVE-2025-58188 kubernetes1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411117
[ 20 ] Bug #2411376 - CVE-2025-58188 kubernetes1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411376
[ 21 ] Bug #2411634 - CVE-2025-58188 kubernetes1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411634
[ 22 ] Bug #2412569 - CVE-2025-58183 kubernetes1.32: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412569
[ 23 ] Bug #2412588 - CVE-2025-58183 kubernetes1.32: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412588
[ 24 ] Bug #2412803 - CVE-2025-58183 kubernetes1.32: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412803
[ 25 ] Bug #2414539 - kubernetes1.32-1.34.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2414539
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0131063534' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: kubernetes1.31-1.31.14-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4a1370ea1b
2025-11-22 01:11:37.542854+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.31
Product : Fedora 42
Version : 1.31.14
Release : 1.fc42
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.31.14
Resolves: rhbz#2398586, rhbz#2398847, rhbz#2399248, rhbz#2399521
Resolves: rhbz#2399702, rhbz#2399720, rhbz#2407787, rhbz#2408057
Resolves: rhbz#2408314, rhbz#2408608, rhbz#2408671, rhbz#2408729
Resolves: rhbz#2409236, rhbz#2409526, rhbz#2409787, rhbz#2410201
Resolves: rhbz#2410476, rhbz#2410737, rhbz#2411116, rhbz#2411375
Resolves: rhbz#2411633, rhbz#2412568, rhbz#2412587, rhbz#2412802
Upstream fixes.
Likely last release of Kubernetes 1.31
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.31.14-1
- Update to release v1.31.14
- Resolves: rhbz#2398586, rhbz#2398847, rhbz#2399248, rhbz#2399521
- Resolves: rhbz#2399702, rhbz#2399720, rhbz#2407787, rhbz#2408057
- Resolves: rhbz#2408314, rhbz#2408608, rhbz#2408671, rhbz#2408729
- Resolves: rhbz#2409236, rhbz#2409526, rhbz#2409787, rhbz#2410201
- Resolves: rhbz#2410476, rhbz#2410737, rhbz#2411116, rhbz#2411375
- Resolves: rhbz#2411633, rhbz#2412568, rhbz#2412587, rhbz#2412802
- Upstream fixes.
- Likely last release of Kubernetes 1.31
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 1.31.13-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398586 - CVE-2025-47910 kubernetes1.31: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398586
[ 2 ] Bug #2398847 - CVE-2025-47910 kubernetes1.31: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398847
[ 3 ] Bug #2399248 - CVE-2025-47906 kubernetes1.31: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399248
[ 4 ] Bug #2399521 - CVE-2025-47906 kubernetes1.31: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399521
[ 5 ] Bug #2399702 - CVE-2025-11065 kubernetes1.31: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399702
[ 6 ] Bug #2399720 - CVE-2025-11065 kubernetes1.31: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399720
[ 7 ] Bug #2407787 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407787
[ 8 ] Bug #2408057 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408057
[ 9 ] Bug #2408314 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408314
[ 10 ] Bug #2408608 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408608
[ 11 ] Bug #2408671 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408671
[ 12 ] Bug #2408729 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408729
[ 13 ] Bug #2409236 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409236
[ 14 ] Bug #2409526 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409526
[ 15 ] Bug #2409787 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409787
[ 16 ] Bug #2410201 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410201
[ 17 ] Bug #2410476 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410476
[ 18 ] Bug #2410737 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410737
[ 19 ] Bug #2411116 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411116
[ 20 ] Bug #2411375 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411375
[ 21 ] Bug #2411633 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411633
[ 22 ] Bug #2412568 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412568
[ 23 ] Bug #2412587 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412587
[ 24 ] Bug #2412802 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412802
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4a1370ea1b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 42 Update: cri-o1.34-1.34.2-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1e7710541e
2025-11-22 01:11:37.542819+00:00
--------------------------------------------------------------------------------

Name : cri-o1.34
Product : Fedora 42
Version : 1.34.2
Release : 1.fc42
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release 1.34.2
Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577
Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333
Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563
Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526
Resolves: rhbz#2412678, rhbz#2412758
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.2-1
- Update to release 1.34.2
- Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577
- Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333
- Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563
- Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526
- Resolves: rhbz#2412678, rhbz#2412758
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.34.1-2
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407595 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407595
[ 2 ] Bug #2407866 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407866
[ 3 ] Bug #2408142 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408142
[ 4 ] Bug #2408577 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408577
[ 5 ] Bug #2408640 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408640
[ 6 ] Bug #2408703 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408703
[ 7 ] Bug #2409050 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409050
[ 8 ] Bug #2409333 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409333
[ 9 ] Bug #2409612 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409612
[ 10 ] Bug #2409998 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409998
[ 11 ] Bug #2410285 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410285
[ 12 ] Bug #2410563 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410563
[ 13 ] Bug #2410930 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410930
[ 14 ] Bug #2411198 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411198
[ 15 ] Bug #2411461 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411461
[ 16 ] Bug #2412526 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412526
[ 17 ] Bug #2412678 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412678
[ 18 ] Bug #2412758 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412758
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1e7710541e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: cri-o1.32-1.32.10-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-91677b56d4
2025-11-22 01:11:37.542815+00:00
--------------------------------------------------------------------------------

Name : cri-o1.32
Product : Fedora 42
Version : 1.32.10
Release : 1.fc42
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.32.10
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.10-1
- Update to release v1.32.10
- Resolves: rhbz#2407593, rhbz#2407864, rhbz#2408140, rhbz#2408571
- Resolves: rhbz#2408638, rhbz#2408701, rhbz#2409048, rhbz#2409331
- Resolves: rhbz#2409610, rhbz#2409996, rhbz#2410283, rhbz#2410561
- Resolves: rhbz#2410928, rhbz#2411196, rhbz#2411459, rhbz#2412524
- Resolves: rhbz#2412676, rhbz#2412756
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 1.32.9-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407593 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407593
[ 2 ] Bug #2407864 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407864
[ 3 ] Bug #2408140 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408140
[ 4 ] Bug #2408571 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408571
[ 5 ] Bug #2408638 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408638
[ 6 ] Bug #2408701 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408701
[ 7 ] Bug #2409048 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409048
[ 8 ] Bug #2409331 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409331
[ 9 ] Bug #2409610 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409610
[ 10 ] Bug #2409996 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409996
[ 11 ] Bug #2410283 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410283
[ 12 ] Bug #2410561 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410561
[ 13 ] Bug #2410928 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410928
[ 14 ] Bug #2411196 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411196
[ 15 ] Bug #2411459 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411459
[ 16 ] Bug #2412524 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412524
[ 17 ] Bug #2412676 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412676
[ 18 ] Bug #2412756 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412756
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-91677b56d4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 41 Update: dotnet10.0-10.0.100-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-969f0c8c1e
2025-11-22 01:00:51.617460+00:00
--------------------------------------------------------------------------------

Name : dotnet10.0
Product : Fedora 41
Version : 10.0.100
Release : 1.fc41
URL : https://github.com/dotnet/
Summary : .NET 10.0 Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the .NET 10 GA update
Update .NET 10 to RC 2
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Omair Majid [omajid@redhat.com] - 10.0.100-1
- Update to .NET SDK 10.0.100 and Runtime 10.0.0
* Sun Nov 2 2025 Omair Majid [omajid@redhat.com] - 10.0.100~rc.2.25502.107-0.10
- Update to .NET SDK 10.0.100-rc.2.25502.107 and Runtime 10.0.0-rc.2.25502.107
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-969f0c8c1e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: kubernetes1.31-1.31.14-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d9389fc692
2025-11-22 01:00:51.617446+00:00
--------------------------------------------------------------------------------

Name : kubernetes1.31
Product : Fedora 41
Version : 1.31.14
Release : 1.fc41
URL : https://github.com/kubernetes/kubernetes
Summary : Open Source Production-Grade Container Scheduling And Management Platform
Description :

Production-Grade Container Scheduling and Management.
Installs kubelet, the kubernetes agent on each machine in a
cluster. The kubernetes-client sub-package,
containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on
control plane machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.31.14
Resolves: rhbz#2398586, rhbz#2398847, rhbz#2399248, rhbz#2399521
Resolves: rhbz#2399702, rhbz#2399720, rhbz#2407787, rhbz#2408057
Resolves: rhbz#2408314, rhbz#2408608, rhbz#2408671, rhbz#2408729
Resolves: rhbz#2409236, rhbz#2409526, rhbz#2409787, rhbz#2410201
Resolves: rhbz#2410476, rhbz#2410737, rhbz#2411116, rhbz#2411375
Resolves: rhbz#2411633, rhbz#2412568, rhbz#2412587, rhbz#2412802
Upstream fixes.
Likely last release of Kubernetes 1.31
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 12 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.31.14-1
- Update to release v1.31.14
- Resolves: rhbz#2398586, rhbz#2398847, rhbz#2399248, rhbz#2399521
- Resolves: rhbz#2399702, rhbz#2399720, rhbz#2407787, rhbz#2408057
- Resolves: rhbz#2408314, rhbz#2408608, rhbz#2408671, rhbz#2408729
- Resolves: rhbz#2409236, rhbz#2409526, rhbz#2409787, rhbz#2410201
- Resolves: rhbz#2410476, rhbz#2410737, rhbz#2411116, rhbz#2411375
- Resolves: rhbz#2411633, rhbz#2412568, rhbz#2412587, rhbz#2412802
- Upstream fixes.
- Likely last release of Kubernetes 1.31
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 1.31.13-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2398586 - CVE-2025-47910 kubernetes1.31: CrossOriginProtection bypass in net/http [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2398586
[ 2 ] Bug #2398847 - CVE-2025-47910 kubernetes1.31: CrossOriginProtection bypass in net/http [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2398847
[ 3 ] Bug #2399248 - CVE-2025-47906 kubernetes1.31: Unexpected paths returned from LookPath in os/exec [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399248
[ 4 ] Bug #2399521 - CVE-2025-47906 kubernetes1.31: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399521
[ 5 ] Bug #2399702 - CVE-2025-11065 kubernetes1.31: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2399702
[ 6 ] Bug #2399720 - CVE-2025-11065 kubernetes1.31: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399720
[ 7 ] Bug #2407787 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407787
[ 8 ] Bug #2408057 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408057
[ 9 ] Bug #2408314 - CVE-2025-58189 kubernetes1.31: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408314
[ 10 ] Bug #2408608 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408608
[ 11 ] Bug #2408671 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408671
[ 12 ] Bug #2408729 - CVE-2025-61725 kubernetes1.31: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408729
[ 13 ] Bug #2409236 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409236
[ 14 ] Bug #2409526 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409526
[ 15 ] Bug #2409787 - CVE-2025-61723 kubernetes1.31: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409787
[ 16 ] Bug #2410201 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410201
[ 17 ] Bug #2410476 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410476
[ 18 ] Bug #2410737 - CVE-2025-58185 kubernetes1.31: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410737
[ 19 ] Bug #2411116 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411116
[ 20 ] Bug #2411375 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411375
[ 21 ] Bug #2411633 - CVE-2025-58188 kubernetes1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411633
[ 22 ] Bug #2412568 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412568
[ 23 ] Bug #2412587 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412587
[ 24 ] Bug #2412802 - CVE-2025-58183 kubernetes1.31: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412802
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d9389fc692' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 41 Update: gopass-hibp-1.16.0-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b3bd444d1f
2025-11-22 01:00:51.617452+00:00
--------------------------------------------------------------------------------

Name : gopass-hibp
Product : Fedora 41
Version : 1.16.0
Release : 1.fc41
URL : https://github.com/gopasspw/gopass-hibp
Summary : Gopass haveibeenpwnd.com integration
Description :
Gopass haveibeenpwnd.com integration.

--------------------------------------------------------------------------------
Update Information:

Update to 1.16.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 13 2025 Fabio Alessandro Locati [mail@fale.io] - 1.16.0-1
- Update to 1.16.0
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 1.15.18-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407761 - CVE-2025-58189 gopass-hibp: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407761
[ 2 ] Bug #2408030 - CVE-2025-58189 gopass-hibp: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408030
[ 3 ] Bug #2408288 - CVE-2025-58189 gopass-hibp: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408288
[ 4 ] Bug #2409211 - CVE-2025-61723 gopass-hibp: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409211
[ 5 ] Bug #2409498 - CVE-2025-61723 gopass-hibp: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409498
[ 6 ] Bug #2409761 - CVE-2025-61723 gopass-hibp: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409761
[ 7 ] Bug #2410175 - CVE-2025-58185 gopass-hibp: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410175
[ 8 ] Bug #2410449 - CVE-2025-58185 gopass-hibp: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410449
[ 9 ] Bug #2410711 - CVE-2025-58185 gopass-hibp: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410711
[ 10 ] Bug #2411089 - CVE-2025-58188 gopass-hibp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2411089
[ 11 ] Bug #2411348 - CVE-2025-58188 gopass-hibp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411348
[ 12 ] Bug #2411607 - CVE-2025-58188 gopass-hibp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411607
[ 13 ] Bug #2414903 - gopass-hibp-1.16.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2414903
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b3bd444d1f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

[SECURITY] Fedora 41 Update: cri-o1.34-1.34.2-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8bd0d993db
2025-11-22 01:00:51.617441+00:00
--------------------------------------------------------------------------------

Name : cri-o1.34
Product : Fedora 41
Version : 1.34.2
Release : 1.fc41
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release 1.34.2
Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577
Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333
Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563
Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526
Resolves: rhbz#2412678, rhbz#2412758
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.34.2-1
- Update to release 1.34.2
- Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577
- Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333
- Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563
- Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526
- Resolves: rhbz#2412678, rhbz#2412758
* Fri Oct 10 2025 Maxwell G [maxwell@gtmx.me] - 1.34.1-2
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407595 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407595
[ 2 ] Bug #2407866 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407866
[ 3 ] Bug #2408142 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408142
[ 4 ] Bug #2408577 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408577
[ 5 ] Bug #2408640 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408640
[ 6 ] Bug #2408703 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408703
[ 7 ] Bug #2409050 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409050
[ 8 ] Bug #2409333 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409333
[ 9 ] Bug #2409612 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409612
[ 10 ] Bug #2409998 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409998
[ 11 ] Bug #2410285 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410285
[ 12 ] Bug #2410563 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410563
[ 13 ] Bug #2410930 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410930
[ 14 ] Bug #2411198 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411198
[ 15 ] Bug #2411461 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411461
[ 16 ] Bug #2412526 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412526
[ 17 ] Bug #2412678 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412678
[ 18 ] Bug #2412758 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412758
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8bd0d993db' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: cri-o1.32-1.32.10-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8c88aa0c74
2025-11-22 01:00:51.617438+00:00
--------------------------------------------------------------------------------

Name : cri-o1.32
Product : Fedora 41
Version : 1.32.10
Release : 1.fc41
URL : https://github.com/cri-o/cri-o
Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
Description :
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.32.10
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Bradley G Smith [bradley.g.smith@gmail.com] - 1.32.10-1
- Update to release v1.32.10
- Resolves: rhbz#2407593, rhbz#2407864, rhbz#2408140, rhbz#2408571
- Resolves: rhbz#2408638, rhbz#2408701, rhbz#2409048, rhbz#2409331
- Resolves: rhbz#2409610, rhbz#2409996, rhbz#2410283, rhbz#2410561
- Resolves: rhbz#2410928, rhbz#2411196, rhbz#2411459, rhbz#2412524
- Resolves: rhbz#2412676, rhbz#2412756
* Fri Oct 10 2025 Alejandro S??ez [asm@redhat.com] - 1.32.9-2
- rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2407593 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2407593
[ 2 ] Bug #2407864 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2407864
[ 3 ] Bug #2408140 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408140
[ 4 ] Bug #2408571 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2408571
[ 5 ] Bug #2408638 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2408638
[ 6 ] Bug #2408701 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408701
[ 7 ] Bug #2409048 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409048
[ 8 ] Bug #2409331 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2409331
[ 9 ] Bug #2409610 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409610
[ 10 ] Bug #2409996 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2409996
[ 11 ] Bug #2410283 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2410283
[ 12 ] Bug #2410561 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410561
[ 13 ] Bug #2410928 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2410928
[ 14 ] Bug #2411196 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2411196
[ 15 ] Bug #2411459 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411459
[ 16 ] Bug #2412524 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2412524
[ 17 ] Bug #2412676 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2412676
[ 18 ] Bug #2412756 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2412756
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8c88aa0c74' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------