Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 42: Important Kubernetes Updates Released for 2025-4c576d1bd9

fedora
Calendar Grey November 25, 2025
Dist Fedora Esm H88
Critical updates for Kubernetes 1.34.2 on Fedora 42 addressing multiple security issues ensuring robust container management.
Update to release v1.34.2 Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524 Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611 Resolves: rhbz#2408674, ...

Summary

Production-Grade Container Scheduling and Management.

Installs kubelet, the kubernetes agent on each machine in a

cluster. The kubernetes-client sub-package,

containing kubectl, is recommended but not strictly required.

The kubernetes-client sub-package should be installed on

control plane machines.

Update Information:

Update to release v1.34.2 Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524 Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611 Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529 Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740 Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636 rhbz#2412590 Resolves: rhbz#2412805 Upstream fixes

Topics%20covered

Topics Covered

security advisory fedora critical application update kubernetes container management

Change Log

* Fri Nov 14 2025 Bradley G Smith - 1.34.2-1 - Update to release v1.34.2 - Resolves: rhbz#2398589, rhbz#2398850, rhbz#2399251, rhbz#2399524 - Resolves: rhbz#2407790, rhbz#2408060, rhbz#2408317, rhbz#2408611 - Resolves: rhbz#2408674, rhbz#2408732, rhbz#2409239, rhbz#2409529 - Resolves: rhbz#2409790, rhbz#2410204, rhbz#2410479, rhbz#2410740 - Resolves: rhbz#2411120, rhbz#2411378, rhbz#2411636 rhbz#2412590 - Resolves: rhbz#2412805 - Upstream fixes * Fri Nov 14 2025 Bradley G Smith - 1.34.1-4 - Reorder CRI Recommends - Update cri-o recommend with correct version information - Reorder CRI as (for example): Recommends: (cri-o1.34 or containerd) * Fri Oct 10 2025 Maxwell G - 1.34.1-3 - Rebuild for golang 1.25.2

References


[ 1 ] Bug #2398589 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2398589 [ 2 ] Bug #2398850 - CVE-2025-47910 kubernetes1.34: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398850 [ 3 ] Bug #2399251 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2399251 [ 4 ] Bug #2399524 - CVE-2025-47906 kubernetes1.34: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399524 [ 5 ] Bug #2407790 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2407790 [ 6 ] Bug #2408060 - CVE-2025-58189 kubernetes1.34: go crypto/tls ALPN negotiation error cont...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4c576d1bd9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: kubernetes1.34
Product: Fedora 42
Version: 1.34.2
Release: 1.fc42
URL: https://github.com/kubernetes/kubernetes
Summary: Open Source Production-Grade Container Scheduling And Management Platform

Topics%20covered

Topics Covered

security advisory fedora critical application update kubernetes container management

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here