FEDORA-2025-daa6238745 — security update for containerd

stable

containerd-2.0.7-1.fc42

FEDORA-2025-daa6238745 created by buckaroogeek 4 months ago for Fedora 42

Update to v2.0.7

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-daa6238745

This update has been submitted for testing by buckaroogeek.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago

This update has been submitted for stable by bodhi.

4 months ago

This update has been pushed to stable.

4 months ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

4 months ago

in testing

4 months ago

in stable

4 months ago

approved

4 months ago

Builds

containerd-2.0.7-1.fc42

BZ#2398655 CVE-2025-47910 containerd: CrossOriginProtection bypass in net/http [fedora-42]

BZ#2399331 CVE-2025-47906 containerd: Unexpected paths returned from LookPath in os/exec [fedora-42]

BZ#2407857 CVE-2025-58189 containerd: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]

BZ#2408632 CVE-2025-61725 containerd: Excessive CPU consumption in ParseAddress in net/mail [fedora-42]

BZ#2409324 CVE-2025-61723 containerd: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]

BZ#2410276 CVE-2025-58185 containerd: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]

BZ#2411188 CVE-2025-58188 containerd: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]

BZ#2412750 CVE-2025-58183 containerd: Unbounded allocation when parsing GNU sparse map [fedora-42]

containerd-2.0.7-1.fc42

Automated Test Results

ignored