Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 42: Kubernetes1.32 Important Security Update 2025-0131063534

fedora
Calendar Grey November 22, 2025
Dist Fedora Esm H88
Discover critical updates for Kubernetes on Fedora 42, addressing key security issues including memory leaks and CrossOriginProtection bypass.
Update to release v1.32.10 Resolves: rhbz#2414539 Resolves: rhbz#2398587, rhbz#2398848, rhbz#2399249, rhbz#2399522 Resolves: rhbz#2399703, rhbz#2399721, rhbz#2407788, rhbz#2408058 ...

Summary

Production-Grade Container Scheduling and Management.

Installs kubelet, the kubernetes agent on each machine in a

cluster. The kubernetes-client sub-package,

containing kubectl, is recommended but not strictly required.

The kubernetes-client sub-package should be installed on

control plane machines.

Update Information:

Update to release v1.32.10 Resolves: rhbz#2414539 Resolves: rhbz#2398587, rhbz#2398848, rhbz#2399249, rhbz#2399522 Resolves: rhbz#2399703, rhbz#2399721, rhbz#2407788, rhbz#2408058 Resolves: rhbz#2408315, rhbz#2408609, rhbz#2408672, rhbz#2408730 Resolves: rhbz#2409237, rhbz#2409527, rhbz#2409788, rhbz#2410202 Resolves: rhbz#2410477, rhbz#2410738, rhbz#2411117, rhbz#2411376 Resolves: rhbz#2411634, rhbz#2412569, rhbz#2412588, rhbz#2412803 Upstream fixes

Topics%20covered

Topics Covered

security advisory fedora important memory exhaustion crossoriginprotection kubernetes1.32

Change Log

* Wed Nov 12 2025 Bradley G Smith - 1.32.10-1 - Update to release v1.32.10 - Resolves: rhbz#2414539 - Resolves: rhbz#2398587, rhbz#2398848, rhbz#2399249, rhbz#2399522 - Resolves: rhbz#2399703, rhbz#2399721, rhbz#2407788, rhbz#2408058 - Resolves: rhbz#2408315, rhbz#2408609, rhbz#2408672, rhbz#2408730 - Resolves: rhbz#2409237, rhbz#2409527, rhbz#2409788, rhbz#2410202 - Resolves: rhbz#2410477, rhbz#2410738, rhbz#2411117, rhbz#2411376 - Resolves: rhbz#2411634, rhbz#2412569, rhbz#2412588, rhbz#2412803 - Upstream fixes * Wed Nov 12 2025 Bradley G Smith - 1.32.9-2 - Revise template - Remove transition artifacts - from non-versioned kubernetes - Remove unneeded network rpms - Remove duplicate requires

References


[ 1 ] Bug #2398587 - CVE-2025-47910 kubernetes1.32: CrossOriginProtection bypass in net/http [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2398587 [ 2 ] Bug #2398848 - CVE-2025-47910 kubernetes1.32: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398848 [ 3 ] Bug #2399249 - CVE-2025-47906 kubernetes1.32: Unexpected paths returned from LookPath in os/exec [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2399249 [ 4 ] Bug #2399522 - CVE-2025-47906 kubernetes1.32: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399522 [ 5 ] Bug #2399703 - CVE-2025-11065 kubernetes1.32: Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2399703 [ 6 ] Bug #2399721 - CVE-2025-11065 kubernetes1.32: Go-viper's mapstruct...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-0131063534' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: kubernetes1.32
Product: Fedora 42
Version: 1.32.10
Release: 2.fc42
URL: https://github.com/kubernetes/kubernetes
Summary: Open Source Production-Grade Container Scheduling And Management Platform

Topics%20covered

Topics Covered

security advisory fedora important memory exhaustion crossoriginprotection kubernetes1.32

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here