Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 41: openbao Critical HTTPRawBody Leak Resolution CVE-2025-62513

fedora
Calendar Grey November 1, 2025
Dist Fedora Esm H88
Critical update for openbao in Fedora 41 addresses security issues related to information leakage and access control.
Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

Summary

Openbao secures, stores, and tightly controls access to tokens, passwords,

certificates, API keys, and other secrets in modern computing. Openbao handles

leasing, key revocation, key rolling, and auditing. Through a unified API, users

can access an encrypted Key/Value store and network encryption-as-a-service, or

generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH

credentials, and more.

Update Information:

Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705.

Topics%20covered

Topics Covered

security advisory information leak fedora data protection important openbao

Change Log

* Thu Oct 23 2025 Dave Dykstra <2129743+DrDaveD@users.noreply.github.com> - 2.4.3-1 - update to upstream 2.4.3

References


[ 1 ] Bug #2405900 - CVE-2025-62513 openbao: OpenBao leaks HTTPRawBody in Audit Logs [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2405900 [ 2 ] Bug #2405901 - CVE-2025-62513 openbao: OpenBao leaks HTTPRawBody in Audit Logs [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2405901 [ 3 ] Bug #2405902 - CVE-2025-62513 openbao: OpenBao leaks HTTPRawBody in Audit Logs [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2405902 [ 4 ] Bug #2405903 - CVE-2025-62513 openbao: OpenBao leaks HTTPRawBody in Audit Logs [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2405903 [ 5 ] Bug #2405904 - CVE-2025-62513 openbao: OpenBao leaks HTTPRawBody in Audit Logs [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2405904

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ab1fce816d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: openbao
Product: Fedora 41
Version: 2.4.3
Release: 1.fc41
URL: https://openbao.org
Summary: A tool for securely accessing secrets

Topics%20covered

Topics Covered

security advisory information leak fedora data protection important openbao

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here