Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Fedora 43: Important Security Advisory for grpcurl Command-Line Tool

fedora
Calendar Grey January 4, 2026
Dist Fedora Esm H88
Fix for grpcurl on Fedora 43 addresses critical security issues and improves functionality as a command-line tool.
Fix version ldflag for #2424534

Summary

Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers.

Update Information:

Fix version ldflag for #2424534

Topics%20covered

Topics Covered

security advisory security issue fedora important command line tool grpcurl

Change Log

* Mon Dec 29 2025 Mikel Olasagasti Uranga - 1.9.3-6 - Fix version ldflag - Closes rhbz#2424534 * Fri Oct 10 2025 Alejandro Sez - 1.9.3-5 - rebuild

References


[ 1 ] Bug #2408296 - CVE-2025-58189 grpcurl: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408296 [ 2 ] Bug #2408718 - CVE-2025-61725 grpcurl: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408718 [ 3 ] Bug #2409769 - CVE-2025-61723 grpcurl: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409769 [ 4 ] Bug #2410719 - CVE-2025-58185 grpcurl: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410719 [ 5 ] Bug #2411615 - CVE-2025-58188 grpcurl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2411615 [ 6 ] Bug #2424534 - -version returns no version https...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-7da33c2d62' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: grpcurl
Product: Fedora 43
Version: 1.9.3
Release: 6.fc43
URL: https://github.com/fullstorydev/grpcurl
Summary: Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers

Topics%20covered

Topics Covered

security advisory security issue fedora important command line tool grpcurl

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here