FEDORA-EPEL-2025-75c1e94798 — security update for kustomize

stable

kustomize-5.8.0-1.el10_1

FEDORA-EPEL-2025-75c1e94798 created by mikelo2 4 months ago for Fedora EPEL 10.1

Update to 5.8.0

This update has been submitted for testing by mikelo2.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago

This update has been submitted for stable by bodhi.

3 months ago

This update has been pushed to stable.

3 months ago

Please log in to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

4 months ago

in testing

4 months ago

in stable

3 months ago

approved

3 months ago

Builds

kustomize-5.8.0-1.el10_1

BZ#2390834 kustomize: go-viper's mapstructure May Leak Sensitive Information in Logs [epel-10]

BZ#2398301 CVE-2025-47910 kustomize: CrossOriginProtection bypass in net/http [epel-10]

BZ#2398937 CVE-2025-47906 kustomize: Unexpected paths returned from LookPath in os/exec [epel-10]

BZ#2399687 CVE-2025-11065 kustomize: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [epel-10]

BZ#2407486 CVE-2025-58189 kustomize: go crypto/tls ALPN negotiation error contains attacker controlled information [epel-10]

BZ#2408528 CVE-2025-61725 kustomize: Excessive CPU consumption in ParseAddress in net/mail [epel-10]

BZ#2408938 CVE-2025-61723 kustomize: Quadratic complexity when parsing some invalid inputs in encoding/pem [epel-10]

BZ#2409879 CVE-2025-58185 kustomize: Parsing DER payload can cause memory exhaustion in encoding/asn1 [epel-10]

BZ#2410820 CVE-2025-58188 kustomize: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]

kustomize-5.8.0-1.el10_1

Automated Test Results

ignored