--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-298add9246
2025-11-24 01:24:44.272902+00:00
--------------------------------------------------------------------------------

Name        : kubernetes1.33
Product     : Fedora 43
Version     : 1.33.6
Release     : 1.fc43
URL         : https://github.com/kubernetes/kubernetes
Summary     : Open Source Production-Grade Container Scheduling And Management Platform
Description :
Production-Grade Container Scheduling and Management. Installs kubelet, the
kubernetes agent on each machine in a cluster. The kubernetes-client
sub-package, containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on control plane
machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.33.6
Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
Resolves: rhbz#2412804
Upstream fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 13 2025 Bradley G Smith <[email protected]> - 1.33.6-1
- Update to release v1.33.6
- Resolves: rhbz#2398588, rhbz#2398849, rhbz#2399250, rhbz#2399523
- Resolves: rhbz#2407789, rhbz#2408059, rhbz#2408316, rhbz#2408610
- Resolves: rhbz#2408673, rhbz#2408731, rhbz#2409238, rhbz#2409528
- Resolves: rhbz#2409789, rhbz#2410203, rhbz#2410478, rhbz#2410739
- Resolves: rhbz#2411118, rhbz#2411377, rhbz#2412570, rhbz#2412589
- Resolves: rhbz#2412804
- Upstream fixes
* Fri Oct 10 2025 Maxwell G <[email protected]> - 1.33.5-4
- Rebuild for golang 1.25.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2398588 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2398588
  [ 2 ] Bug #2398849 - CVE-2025-47910 kubernetes1.33: CrossOriginProtection bypass in net/http [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2398849
  [ 3 ] Bug #2399250 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2399250
  [ 4 ] Bug #2399523 - CVE-2025-47906 kubernetes1.33: Unexpected paths returned from LookPath in os/exec [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2399523
  [ 5 ] Bug #2407789 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2407789
  [ 6 ] Bug #2408059 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408059
  [ 7 ] Bug #2408316 - CVE-2025-58189 kubernetes1.33: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408316
  [ 8 ] Bug #2408610 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408610
  [ 9 ] Bug #2408673 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408673
  [ 10 ] Bug #2408731 - CVE-2025-61725 kubernetes1.33: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408731
  [ 11 ] Bug #2409238 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2409238
  [ 12 ] Bug #2409528 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2409528
  [ 13 ] Bug #2409789 - CVE-2025-61723 kubernetes1.33: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2409789
  [ 14 ] Bug #2410203 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2410203
  [ 15 ] Bug #2410478 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2410478
  [ 16 ] Bug #2410739 - CVE-2025-58185 kubernetes1.33: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2410739
  [ 17 ] Bug #2411118 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2411118
  [ 18 ] Bug #2411377 - CVE-2025-58188 kubernetes1.33: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2411377
  [ 19 ] Bug #2412570 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2412570
  [ 20 ] Bug #2412589 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2412589
  [ 21 ] Bug #2412804 - CVE-2025-58183 kubernetes1.33: Unbounded allocation when parsing GNU sparse map [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2412804
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-298add9246' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key.
More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
