Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 43: Critical Apptainer Update Addressing DoS and Memory Flaws

fedora
Calendar Grey November 7, 2025
Dist Fedora Esm H88
Apptainer update ensures critical vulnerabilities are patched, enhancing security against denial of service and memory issues.
Update to upstream 1.4.4

Summary

Apptainer provides functionality to make portable

containers that can be used across host environments.

Update Information:

Update to upstream 1.4.4. This was built with golang 1.25.3 which fixes CVE-2025-61723, CVE-2025-61725, CVE-2025-58183, CVE-2025-58185, CVE-2025-58188, and CVE-2025-58189.

Topics%20covered

Topics Covered

security advisory denial of service fedora critical memory exhaustion apptainer

Change Log

* Wed Oct 29 2025 Dave Dykstra - 1.4.4-1 - Update to upstream 1.4.4

References


[ 1 ] Bug #2407134 - apptainer-1.4.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2407134 [ 2 ] Bug #2408123 - CVE-2025-58189 apptainer: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408123 [ 3 ] Bug #2408693 - CVE-2025-61725 apptainer: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408693 [ 4 ] Bug #2409593 - CVE-2025-61723 apptainer: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409593 [ 5 ] Bug #2410544 - CVE-2025-58185 apptainer: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410544 [ 6 ] Bug #2411442 - CVE-2025-58188 apptainer: Panic when validating certificates with DSA public keys in crypto/x509 [fed...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-061f320514' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: apptainer
Product: Fedora 43
Version: 1.4.4
Release: 1.fc43
URL: https://apptainer.org
Summary: Application and environment virtualization formerly known as Singularity

Topics%20covered

Topics Covered

security advisory denial of service fedora critical memory exhaustion apptainer

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here