Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Fedora 42: Cloud SQL Proxy Security Fix RDY 2025-582e97b7b4

fedora
Calendar Grey January 1, 2026
Dist Fedora Esm H88
Critical security updates for Fedora 42’s Cloud SQL Proxy to address important vulnerabilities and improve software safety.
Rebuilt for CVEs

Summary

The Cloud SQL Proxy allows a user with the appropriate permissions to connect

to a Second Generation Cloud SQL database without having to deal with IP

whitelisting or SSL certificates manually. It works by opening unix/tcp

sockets on the local machine and proxying connections to the associated

Cloud SQL instances when the sockets are used.

Update Information:

Rebuilt for CVEs

Topics%20covered

Topics Covered

security advisory fedora patching proxy CVE cloudsql

Change Log

* Tue Dec 23 2025 W. Michael Petullo - 1.31.2-9 - Rebuilt for CVEs

References


[ 1 ] Bug #2398740 - CVE-2025-47910 golang-github-googlecloudplatform-cloudsql-proxy: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398740 [ 2 ] Bug #2399418 - CVE-2025-47906 golang-github-googlecloudplatform-cloudsql-proxy: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399418 [ 3 ] Bug #2407942 - CVE-2025-58189 golang-github-googlecloudplatform-cloudsql-proxy: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2407942 [ 4 ] Bug #2409412 - CVE-2025-61723 golang-github-googlecloudplatform-cloudsql-proxy: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2409412 [ 5 ] Bug #2410363 - CVE-2025-58185 golang-github-googlecloudplatform-cloudsql-proxy: Parsing DER payload c...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-582e97b7b4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: golang-github-googlecloudplatform-cloudsql-proxy
Product: Fedora 42
Version: 1.31.2
Release: 9.fc42
URL: https://github.com/GoogleCloudPlatform/cloud-sql-proxy
Summary: Cloud SQL proxy client and Go library

Topics%20covered

Topics Covered

security advisory fedora patching proxy CVE cloudsql

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here