Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Fedora 43 headscale Critical DoS Risk Update 0.28.0 FEDORA-2026-c3c02ffe75

fedora
Calendar Grey March 27, 2026
Dist Fedora Esm H88
Update to headscale 0.28.0 in Fedora 43 addresses security risks and ensures performance improvements.
update to 0.28.0

Summary

An open source, self-hosted implementation of the Tailscale control server.

Update Information:

update to 0.28.0

Topics%20covered

Topics Covered

security advisory fedora critical DoS control server headscale

Change Log

* Wed Mar 18 2026 Jonathan Wright - 0.28.0-1 - Update to 0.28.0 * Tue Feb 3 2026 Maxwell G - 0.26.1-8 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering - 0.26.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Maxwell G - 0.26.1-6 - Rebuild for golang 1.25.2

References


[ 1 ] Bug #2408299 - CVE-2025-58189 headscale: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408299 [ 2 ] Bug #2408721 - CVE-2025-61725 headscale: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408721 [ 3 ] Bug #2409772 - CVE-2025-61723 headscale: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409772 [ 4 ] Bug #2410722 - CVE-2025-58185 headscale: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410722 [ 5 ] Bug #2411618 - CVE-2025-58188 headscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2411618 [ 6 ] Bug #2412709 - CVE-2025-58183 headsc...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c3c02ffe75' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: headscale
Product: Fedora 43
Version: 0.28.0
Release: 1.fc43
URL: https://github.com/juanfont/headscale
Summary: Self-hosted implementation of the Tailscale control server

Topics%20covered

Topics Covered

security advisory fedora critical DoS control server headscale

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here