FEDORA-2026-126cd91d11 — security update for node-exporter

stable

node-exporter-1.10.2-3.fc42

FEDORA-2026-126cd91d11 created by mikelo2 a month ago for Fedora 42

Update to 1.10.2

Update was blocked by a ppc64 issue, but a workaround has been found.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2026-126cd91d11

This update has been submitted for testing by mikelo2.

a month ago

This update's test gating status has been changed to 'ignored'.

a month ago

This update has been pushed to testing.

a month ago

This update has been submitted for stable by bodhi.

3 weeks ago

This update has been pushed to stable.

3 weeks ago

Please log in to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

a month ago

in testing

a month ago

in stable

3 weeks ago

approved

3 weeks ago

Builds

node-exporter-1.10.2-3.fc42

BZ#2398866 CVE-2025-47910 node-exporter: CrossOriginProtection bypass in net/http [fedora-42]

BZ#2399538 CVE-2025-47906 node-exporter: Unexpected paths returned from LookPath in os/exec [fedora-42]

BZ#2408076 CVE-2025-58189 node-exporter: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42]

BZ#2409546 CVE-2025-61723 node-exporter: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42]

BZ#2410497 CVE-2025-58185 node-exporter: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42]

BZ#2411395 CVE-2025-58188 node-exporter: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]

BZ#2424021 [Minor Incident] CVE-2025-52881 node-exporter: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [fedora-42]

node-exporter-1.10.2-3.fc42

Automated Test Results

ignored