Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 43: Cloud SQL Proxy Critical Security Notices for 2025-5906618a59

fedora
Calendar Grey January 1, 2026
Dist Fedora Esm H88
Fedora 43 update for cloudsql-proxy addresses critical vulnerabilities, ensuring safer connectivity to Cloud SQL databases.
Rebuilt for CVEs

Summary

The Cloud SQL Proxy allows a user with the appropriate permissions to connect

to a Second Generation Cloud SQL database without having to deal with IP

whitelisting or SSL certificates manually. It works by opening unix/tcp

sockets on the local machine and proxying connections to the associated

Cloud SQL instances when the sockets are used.

Update Information:

Rebuilt for CVEs

Topics%20covered

Topics Covered

security advisory denial of service fedora critical information exposure cloudsql-proxy

Change Log

* Tue Dec 23 2025 W. Michael Petullo - 1.31.2-11 - Rebuilt for CVEs

References


[ 1 ] Bug #2408217 - CVE-2025-58189 golang-github-googlecloudplatform-cloudsql-proxy: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408217 [ 2 ] Bug #2409687 - CVE-2025-61723 golang-github-googlecloudplatform-cloudsql-proxy: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409687 [ 3 ] Bug #2410640 - CVE-2025-58185 golang-github-googlecloudplatform-cloudsql-proxy: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410640 [ 4 ] Bug #2411536 - CVE-2025-58188 golang-github-googlecloudplatform-cloudsql-proxy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2411536

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5906618a59' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: golang-github-googlecloudplatform-cloudsql-proxy
Product: Fedora 43
Version: 1.31.2
Release: 11.fc43
URL: https://github.com/GoogleCloudPlatform/cloud-sql-proxy
Summary: Cloud SQL proxy client and Go library

Topics%20covered

Topics Covered

security advisory denial of service fedora critical information exposure cloudsql-proxy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here