CVE-2025-58188
published 2025-10-29CVE-2025-58188: Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method…
PriorityP340high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.36%
28.0th percentile
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | golang-1.15 | < golang-1.24 1.24.8-1 (forky) | golang-1.24 1.24.8-1 (forky) |
| debian | golang-1.19 | < golang-1.24 1.24.8-1 (forky) | golang-1.24 1.24.8-1 (forky) |
| debian | golang-1.24 | < golang-1.24 1.24.8-1 (forky) | golang-1.24 1.24.8-1 (forky) |
| debian | golang-1.25 | < golang-1.24 1.24.8-1 (forky) | golang-1.24 1.24.8-1 (forky) |
| github.com | open-feature_flagd_core | >= 0 < 0.13.1 | 0.13.1 |
| github.com | open-feature_flagd_flagd | >= 0 < 0.13.1 | 0.13.1 |
| github.com | open-feature_flagd_flagd-proxy | >= 0 < 0.8.2 | 0.8.2 |
| github.com | opentofu_opentofu | >= 0 < 1.10.7 | 1.10.7 |
| go_standard_library | crypto_x509 | < 1.24.8 | 1.24.8 |
| go_standard_library | crypto_x509 | >= 1.25.0 < 1.25.2 | 1.25.2 |
| golang | go | < 1.24.8 | 1.24.8 |
| golang | go | >= 1.25.0 < 1.25.2 | 1.25.2 |
| msrc | azl3_gcc_13.2.0-7 | — | — |
| msrc | azl3_golang_1.23.12-1 | — | — |
| msrc | azl3_golang_1.25.3-1 | — | — |
| msrc | azl3_golang_1.25.5-1 | — | — |
| msrc | azl3_golang_1.25.6-1 | — | — |
| msrc | azl3_golang_1.25.7-1 | — | — |
| msrc | azl3_golang_1.25.8-1 | — | — |
| msrc | azl3_golang_1.26.0-1 | — | — |
| msrc | azl3_python-tensorboard_2.16.2-6 | — | — |
| msrc | azl3_tensorflow_2.16.1-9 | — | — |
| msrc | cbl2_gcc_11.2.0-8 | — | — |
| msrc | cbl2_golang_1.18.8-10 | — | — |
| msrc | cbl2_golang_1.22.7-5 | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ghsa7.0HIGH
osv7.5HIGH
vendor_debian7.5HIGH
vendor_msrc7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
vendor_redhat·2025-10-29·CVSS 7.5
CVE-2025-58188 [HIGH] CWE-617 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
A denial of service vector has been discovered in the golang crypto/x509 module. An attacker could craft an intermediate X.509 certificate containing a DSA public key and can crash a remote host with an unauthenticated call to any endpoint that verifies the certificate chain.
Statement: Availability impacts are limited on Red Hat products as they do not affect the host systems.
Mitigation: Mitigation for this issue is either not available or the currently available options
Microsoft
Panic when validating certificates with DSA public keys in crypto/x509
vendor_msrc·2025-10-14·CVSS 7.5
CVE-2025-58188 [HIGH] Panic when validating certificates with DSA public keys in crypto/x509
Panic when validating certificates with DSA public keys in crypto/x509
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Go: Go
Customer Action Required: Yes
Debian
CVE-2025-58188: golang-1.15 - Validating certificate chains which contain DSA public keys can cause programs t...
vendor_debian·2025·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188: golang-1.15 - Validating certificate chains which contain DSA public keys can cause programs t...
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
Scope: local
bullseye: open
GHSA
flagd: Multiple Go Runtime CVEs Impact Security and Availability
ghsa·2026-01-05·CVSS 7.0
CVE-2025-47907 [HIGH] CWE-20 flagd: Multiple Go Runtime CVEs Impact Security and Availability
flagd: Multiple Go Runtime CVEs Impact Security and Availability
### Summary
In 2025, several vulnerabilities in the Go Standard Library were disclosed, impacting Go-based applications like flagd (the evaluation engine for OpenFeature). These CVEs primarily focus on Denial of Service (DoS) through resource exhaustion and Race Conditions in database handling.
| CVE ID | Impacted Package | Severity | Description & Impact on flagd |
| -- | -- | -- | -- |
| CVE-2025-47907 | database/sql | 7.0 (High) | Race Condition: Canceling a query during a Scan call can return data from the wrong query. Critical if flagd uses SQL-based sync providers (e.g., Postgres), potentially leading to incorrect flag configurations. |
| CVE-2025-61725 | net/mail | 7.5 (High) | DoS: Inefficient complexity in ParseAdd
OSV
flagd: Multiple Go Runtime CVEs Impact Security and Availability
osv·2026-01-05·CVSS 7.0
CVE-2025-47907 [HIGH] flagd: Multiple Go Runtime CVEs Impact Security and Availability
flagd: Multiple Go Runtime CVEs Impact Security and Availability
### Summary
In 2025, several vulnerabilities in the Go Standard Library were disclosed, impacting Go-based applications like flagd (the evaluation engine for OpenFeature). These CVEs primarily focus on Denial of Service (DoS) through resource exhaustion and Race Conditions in database handling.
| CVE ID | Impacted Package | Severity | Description & Impact on flagd |
| -- | -- | -- | -- |
| CVE-2025-47907 | database/sql | 7.0 (High) | Race Condition: Canceling a query during a Scan call can return data from the wrong query. Critical if flagd uses SQL-based sync providers (e.g., Postgres), potentially leading to incorrect flag configurations. |
| CVE-2025-61725 | net/mail | 7.5 (High) | DoS: Inefficient complexity in ParseAdd
GHSA
OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses
ghsa·2025-11-06·CVSS 4.3
[MEDIUM] CWE-1395 OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses
OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses
### Impact
Unauthenticated denial of service.
### Summary
When installing module packages from attacker-controlled sources, `tofu init` may use unbounded memory, cause high CPU usage, or crash when encountering maliciously-crafted TLS certificate chains or tar archives.
Those who depend on modules or providers served from untrusted third-party servers may experience denial of service due to `tofu init` failing to complete successfully. In the case of unbounded memory usage or high CPU usage, other processes running on the same computer as OpenTofu may also fail or have their performance degraded due to the depletion of shared system resources.
These vulnerabilities **do not** permit
OSV
OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses
osv·2025-11-06·CVSS 4.3
[MEDIUM] OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses
OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses
### Impact
Unauthenticated denial of service.
### Summary
When installing module packages from attacker-controlled sources, `tofu init` may use unbounded memory, cause high CPU usage, or crash when encountering maliciously-crafted TLS certificate chains or tar archives.
Those who depend on modules or providers served from untrusted third-party servers may experience denial of service due to `tofu init` failing to complete successfully. In the case of unbounded memory usage or high CPU usage, other processes running on the same computer as OpenTofu may also fail or have their performance degraded due to the depletion of shared system resources.
These vulnerabilities **do not** permit
GHSA
GHSA-7wwx-xj66-r44x: Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal
ghsa_unreviewed·2025-10-30
CVE-2025-58188 [HIGH] CWE-295 GHSA-7wwx-xj66-r44x: Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
OSV
CVE-2025-58188: Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal
osv·2025-10-29·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188: Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
OSV
Panic when validating certificates with DSA public keys in crypto/x509
osv·2025-10-29
CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Panic when validating certificates with DSA public keys in crypto/x509
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method.
This affects programs which validate arbitrary certificate chains.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2026-06-12·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
+++ This bug was initially created as a clone of Bug #2410860 +++
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Bugzilla
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
bugzilla·2026-06-12·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
+++ This bug was initially created as a clone of Bug #2410860 +++
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Bugzilla
CVE-2025-58188 docker-distribution: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-04·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 docker-distribution: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 docker-distribution: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
golang fixed since v1.25.2
Bugzilla
CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-04·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's po
Bugzilla
CVE-2025-58188 forgejo: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-04·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 forgejo: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 forgejo: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's polic
Bugzilla
CVE-2025-58188 etcd: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-04·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 etcd: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 etcd: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy t
Bugzilla
CVE-2025-58188 geoipupdate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-04·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 geoipupdate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 geoipupdate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's p
Bugzilla
CVE-2025-58188 exercism: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-04·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 exercism: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 exercism: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 golang-github-cucumber-godog: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-cucumber-godog: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-cucumber-godog: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-hexdigest-gowrap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-hexdigest-gowrap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-hexdigest-gowrap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-1
Bugzilla
CVE-2025-58188 toxcore: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 toxcore: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 toxcore: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's polic
Bugzilla
CVE-2025-58188 kubernetes1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 kubernetes1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 kubernetes1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora'
Bugzilla
CVE-2025-58188 golang-github-aws-lambda: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-aws-lambda: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-aws-lambda: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 golang-mongodb-mongo-driver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-mongodb-mongo-driver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-mongodb-mongo-driver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-deepmap-oapi-codegen: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-deepmap-oapi-codegen: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-deepmap-oapi-codegen: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-
Bugzilla
CVE-2025-58188 golang-ariga-atlas: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-ariga-atlas: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-ariga-atlas: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fed
Bugzilla
CVE-2025-58188 shellz: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 shellz: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 shellz: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-entgo-ent: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-entgo-ent: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-entgo-ent: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedor
Bugzilla
CVE-2025-58188 nebula: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 nebula: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 nebula: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-github-pgaskin-koboutils: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-pgaskin-koboutils: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-pgaskin-koboutils: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-
Bugzilla
CVE-2025-58188 kitty: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 kitty: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 kitty: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 git-credential-azure: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 git-credential-azure: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 git-credential-azure: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is F
Bugzilla
CVE-2025-58188 golang-x-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora'
Bugzilla
CVE-2025-58188 golang-github-letsencrypt-pebble: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-letsencrypt-pebble: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-letsencrypt-pebble: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05
Bugzilla
CVE-2025-58188 golang-github-mailru-easyjson: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-mailru-easyjson: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-mailru-easyjson: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 golang-github-schollz-croc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-schollz-croc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-schollz-croc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
I
Bugzilla
CVE-2025-58188 golang-github-emersion-smtp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-emersion-smtp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-emersion-smtp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 grafana-pcp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 grafana-pcp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 grafana-pcp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's p
Bugzilla
CVE-2025-58188 golang-k8s-sample-apiserver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-k8s-sample-apiserver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-k8s-sample-apiserver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 ollama: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 ollama: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 ollama: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 reposurgeon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 reposurgeon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 reposurgeon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's p
Bugzilla
CVE-2025-58188 golang-github-rootless-containers-rootlesskit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-rootless-containers-rootlesskit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-rootless-containers-rootlesskit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux
Bugzilla
CVE-2025-58188 golang-github-cloudflare-redoctober: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-cloudflare-redoctober: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-cloudflare-redoctober: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026
Bugzilla
CVE-2025-58188 golang-sr-emersion-gqlclient: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-sr-emersion-gqlclient: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-sr-emersion-gqlclient: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-rakyll-statik: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-rakyll-statik: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-rakyll-statik: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-x-exp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-exp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-exp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 smtprelay: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 smtprelay: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 smtprelay: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 golang-github-rogpeppe-internal: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-rogpeppe-internal: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-rogpeppe-internal: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-
Bugzilla
CVE-2025-58188 golang-github-intel-goresctrl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-intel-goresctrl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-intel-goresctrl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 osbuild-composer: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 osbuild-composer: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 osbuild-composer: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedor
Bugzilla
CVE-2025-58188 go-fdo-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 go-fdo-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 go-fdo-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 snapd: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 snapd: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 snapd: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-github-pelletier-toml: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-pelletier-toml: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-pelletier-toml: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-tenox7-wrp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-tenox7-wrp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-tenox7-wrp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 stargz-snapshotter: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 stargz-snapshotter: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 stargz-snapshotter: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fed
Bugzilla
CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-2026-9d0e7df23a (glow-2.1.2-1.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-9d0e7df23a
Bugzilla
CVE-2025-58188 golang-github-gocolly-colly-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-gocolly-colly-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-gocolly-colly-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 golang-github-pact-foundation: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-pact-foundation: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-pact-foundation: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 golang-github-nicksnyder-i18n-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-nicksnyder-i18n-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-nicksnyder-i18n-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-
Bugzilla
CVE-2025-58188 helm: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 helm: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 helm: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy t
Bugzilla
CVE-2025-58188 golang-github-instrumenta-kubeval: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-instrumenta-kubeval: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-instrumenta-kubeval: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-0
Bugzilla
CVE-2025-58188 podman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 podman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 podman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 httpdump: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 httpdump: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 httpdump: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 manifest-tool: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 manifest-tool: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 manifest-tool: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 golang-github-valyala-fasthttp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-valyala-fasthttp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-valyala-fasthttp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-1
Bugzilla
CVE-2025-58188 golang-github-kyokomi-emoji: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-kyokomi-emoji: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-kyokomi-emoji: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-x-mod: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-mod: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-mod: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 golang-x-perf: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-perf: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-perf: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 podman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 podman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 podman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Bugzilla
CVE-2025-58188 golang-github-facebookincubator-dhcplb: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-facebookincubator-dhcplb: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-facebookincubator-dhcplb: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2
Bugzilla
CVE-2025-58188 golang-github-facebookincubator-contest: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-facebookincubator-contest: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-facebookincubator-contest: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on
Bugzilla
CVE-2025-58188 golang-github-pdfcpu: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-pdfcpu: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-pdfcpu: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is F
Bugzilla
CVE-2025-58188 golang-github-envoyproxy-protoc-gen-validate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-envoyproxy-protoc-gen-validate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-envoyproxy-protoc-gen-validate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 4
Bugzilla
CVE-2025-58188 golang-github-bobesa-domain-util: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-bobesa-domain-util: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-bobesa-domain-util: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05
Bugzilla
CVE-2025-58188 golang-github-facebook-time: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-facebook-time: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-facebook-time: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-spyzhov-ajson: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-spyzhov-ajson: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-spyzhov-ajson: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-k8s-sample-controller: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-k8s-sample-controller: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-k8s-sample-controller: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 gobuster: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 gobuster: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 gobuster: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 startdde: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 startdde: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 startdde: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 golang-github-nats-io-jwt-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-nats-io-jwt-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-nats-io-jwt-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-gobwas-ws: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-gobwas-ws: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-gobwas-ws: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It i
Bugzilla
CVE-2025-58188 golang-github-theupdateframework-notary: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-theupdateframework-notary: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-theupdateframework-notary: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on
Bugzilla
CVE-2025-58188 gopls: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 gopls: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 gopls: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-github-geertjohan-rice: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-geertjohan-rice: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-geertjohan-rice: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 matterbridge: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 matterbridge: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 matterbridge: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 reg: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 reg: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 reg: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to
Bugzilla
CVE-2025-58188 kappanhang: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 kappanhang: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 kappanhang: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's po
Bugzilla
CVE-2025-58188 vhs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 vhs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 vhs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-2026-7646f2a691 (vhs-0.10.0-4.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-7646f2a691
Bugzilla
CVE-2025-58188 golang-github-containerd-fuse-overlayfs-snapshotter: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-containerd-fuse-overlayfs-snapshotter: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-containerd-fuse-overlayfs-snapshotter: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora
Bugzilla
CVE-2025-58188 golang-github-cockroachdb-pebble: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-cockroachdb-pebble: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-cockroachdb-pebble: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05
Bugzilla
CVE-2025-58188 golang-x-exp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-exp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 golang-x-exp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
Doesn't affect the package.
Bugzilla
CVE-2025-58188 golang-github-francoispqt-gojay: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-francoispqt-gojay: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-francoispqt-gojay: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-
Bugzilla
CVE-2025-58188 golang-github-mock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-mock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-mock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fed
Bugzilla
CVE-2025-58188 golang-google-appengine: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-google-appengine: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-google-appengine: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It i
Bugzilla
CVE-2025-58188 golang-github-facebookincubator-go2chef: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-facebookincubator-go2chef: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-facebookincubator-go2chef: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on
Bugzilla
CVE-2025-58188 golang-k8s-apiextensions-apiserver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-k8s-apiextensions-apiserver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-k8s-apiextensions-apiserver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-
Bugzilla
CVE-2025-58188 git-lfs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 git-lfs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 git-lfs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's polic
Bugzilla
CVE-2025-58188 golang-uber-mock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-uber-mock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-uber-mock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedor
Bugzilla
CVE-2025-58188 golang-github-google-pprof: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-google-pprof: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-google-pprof: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
I
Bugzilla
CVE-2025-58188 transifex-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 transifex-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 transifex-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedor
Bugzilla
CVE-2025-58188 netdata: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 netdata: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 netdata: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's polic
Bugzilla
CVE-2025-58188 whisper-cpp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 whisper-cpp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 whisper-cpp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's p
Bugzilla
CVE-2025-58188 grpc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 grpc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 grpc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy t
Bugzilla
CVE-2025-58188 gvisor-tap-vsock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 gvisor-tap-vsock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 gvisor-tap-vsock: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
See https://bugzilla.redhat.com/show_bug.cgi?id=2411616#c1
---
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining a
Bugzilla
CVE-2025-58188 golang-github-nats-io-streaming-server: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-nats-io-streaming-server: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-nats-io-streaming-server: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2
Bugzilla
CVE-2025-58188 golang-github-erkexzcx-valetudopng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-erkexzcx-valetudopng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-erkexzcx-valetudopng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-
Bugzilla
CVE-2025-58188 golang-github-prometheus-prom2json: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-prometheus-prom2json: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-prometheus-prom2json: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-
Bugzilla
CVE-2025-58188 htmltest: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 htmltest: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 htmltest: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 trustee-guest-components: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 trustee-guest-components: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 trustee-guest-components: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 grafana: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 grafana: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 grafana: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's polic
Bugzilla
CVE-2025-58188 golang-github-grpc-ecosystem-gateway: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-grpc-ecosystem-gateway: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-grpc-ecosystem-gateway: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 202
Bugzilla
CVE-2025-58188 golang-github-vmware-govmomi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-vmware-govmomi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-vmware-govmomi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-eclipse-paho-mqtt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-eclipse-paho-mqtt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-eclipse-paho-mqtt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-
Bugzilla
CVE-2025-58188 kata-containers: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 kata-containers: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 kata-containers: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora
Bugzilla
CVE-2025-58188 yubihsm-connector: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 yubihsm-connector: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 yubihsm-connector: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedo
Bugzilla
CVE-2025-58188 ignition: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 ignition: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 ignition: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 golang-github-google-dap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-google-dap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-google-dap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 golang-x-debug: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-debug: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-debug: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora'
Bugzilla
CVE-2025-58188 golang-github-apache-beam-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-apache-beam-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-apache-beam-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-moby-swarmkit-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-moby-swarmkit-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-moby-swarmkit-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 golang-github-haproxytech-client-native: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-haproxytech-client-native: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-haproxytech-client-native: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on
Bugzilla
CVE-2025-58188 image-builder: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 image-builder: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 image-builder: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 trivy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 trivy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 trivy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-2026-868e266938 (trivy-0.69.3-1.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-868e266938
---
FEDORA-2026-868e266938
Bugzilla
CVE-2025-58188 golang-github-hashicorp-serf: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-hashicorp-serf: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-hashicorp-serf: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 suseconnect-ng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 suseconnect-ng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 suseconnect-ng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora'
Bugzilla
CVE-2025-58188 golang-github-task: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-task: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-task: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fed
Bugzilla
CVE-2025-58188 golang-mvdan-xurls: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-mvdan-xurls: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-mvdan-xurls: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fed
Bugzilla
CVE-2025-58188 golang-github-colinmarc-hdfs-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-colinmarc-hdfs-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-colinmarc-hdfs-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-1
Bugzilla
CVE-2025-58188 golang-gvisor: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-gvisor: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-gvisor: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 golang-k8s-kube-openapi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-k8s-kube-openapi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-k8s-kube-openapi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It i
Bugzilla
CVE-2025-58188 gitjacker: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 gitjacker: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 gitjacker: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 golang-github-hashicorp-hc-install: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-hashicorp-hc-install: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-hashicorp-hc-install: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-
Bugzilla
CVE-2025-58188 libarrow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 libarrow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 libarrow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 golang-github-shopify-sarama: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-shopify-sarama: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-shopify-sarama: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 git-credential-oauth: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 git-credential-oauth: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 git-credential-oauth: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is F
Bugzilla
CVE-2025-58188 golang-github-uber-athenadriver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-uber-athenadriver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-uber-athenadriver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-
Bugzilla
CVE-2025-58188 lw-cli: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 lw-cli: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 lw-cli: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-x-text: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-text: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-text: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 golang-github-niklasfasching-org: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-niklasfasching-org: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-niklasfasching-org: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05
Bugzilla
CVE-2025-58188 golang-github-cloudflare: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-cloudflare: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-cloudflare: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 miller: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 miller: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 miller: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-github-googleapis-gnostic: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-googleapis-gnostic: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-googleapis-gnostic: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05
Bugzilla
CVE-2025-58188 golang-github-git-5: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-git-5: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-git-5: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fe
Bugzilla
CVE-2025-58188 golang-k8s-pod-security-admission: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-k8s-pod-security-admission: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-k8s-pod-security-admission: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-0
Bugzilla
CVE-2025-58188 opentofu: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 opentofu: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 opentofu: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 gphotosdl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 gphotosdl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 gphotosdl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 golang-github-temoto-robotstxt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-temoto-robotstxt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-temoto-robotstxt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-1
Bugzilla
CVE-2025-58188 golang-github-grpc-ecosystem-gateway-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-grpc-ecosystem-gateway-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-grpc-ecosystem-gateway-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2
Bugzilla
CVE-2025-58188 golang-oras: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-oras: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-oras: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's p
Bugzilla
CVE-2025-58188 golang-k8s-code-generator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-k8s-code-generator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-k8s-code-generator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 mlpack: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 mlpack: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 mlpack: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 yq: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 yq: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 yq: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to
Bugzilla
CVE-2025-58188 vhs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 vhs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 vhs: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-2026-795b0d0367 (vhs-0.9.0-2.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-795b0d0367
Bugzilla
CVE-2025-58188 golang-github-aliyun-cli: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-aliyun-cli: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-aliyun-cli: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 golang-x-mobile: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-mobile: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-mobile: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora
Bugzilla
CVE-2025-58188 golang-github-edoardottt-lit-bb-hack-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-edoardottt-lit-bb-hack-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-edoardottt-lit-bb-hack-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42
Bugzilla
CVE-2025-58188 golang-github-mholt-archiver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-mholt-archiver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-mholt-archiver: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-tdewolff-minify: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-tdewolff-minify: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-tdewolff-minify: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 golang-sigs-k8s-aws-iam-authenticator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-sigs-k8s-aws-iam-authenticator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-sigs-k8s-aws-iam-authenticator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 20
Bugzilla
CVE-2025-58188 docker-distribution: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 docker-distribution: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 docker-distribution: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
golang fixed since v1.25.2
Bugzilla
CVE-2025-58188 golang-github-liamg-scout: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-liamg-scout: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-liamg-scout: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It
Bugzilla
CVE-2025-58188 qt5-qtwebengine: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 qt5-qtwebengine: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 qt5-qtwebengine: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora
Bugzilla
CVE-2025-58188 golang-github-hashicorp-msgpack: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-hashicorp-msgpack: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-hashicorp-msgpack: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-
Bugzilla
CVE-2025-58188 nats-server: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 nats-server: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 nats-server: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's p
Bugzilla
CVE-2025-58188 tinygo: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 tinygo: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 tinygo: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-github-jsonnet-bundler: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-jsonnet-bundler: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-jsonnet-bundler: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 golang-github-chromedp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-chromedp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-chromedp: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is
Bugzilla
CVE-2025-58188 nng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 nng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 nng: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to
Bugzilla
CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-2026-ed208f5337 (hut-0.8.0-1.fc44) has been submitted as an update to Fedora 44.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-ed208f5337
---
FEDORA-2026-32113d4817 (hut
Bugzilla
CVE-2025-58188 golang-github-haproxytech-dataplaneapi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-haproxytech-dataplaneapi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-haproxytech-dataplaneapi: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2
Bugzilla
CVE-2025-58188 yggdrasil: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 yggdrasil: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 yggdrasil: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 gron: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 gron: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 gron: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy t
Bugzilla
CVE-2025-58188 golang-github-distribution-3: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-distribution-3: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-distribution-3: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-acme-lego: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-acme-lego: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-acme-lego: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It i
Bugzilla
CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-2026-6d67b00ef1 (glow-2.1.2-1.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-6d67b00ef1
Bugzilla
CVE-2025-58188 tailscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 tailscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 tailscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Bugzilla
CVE-2025-58188 thrift: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 thrift: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 thrift: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 vultr: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 vultr: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 vultr: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 golang-github-theoapp-theo-agent: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-theoapp-theo-agent: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-theoapp-theo-agent: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05
Bugzilla
CVE-2025-58188 golang-github-cpu-goacmedns: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-cpu-goacmedns: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-cpu-goacmedns: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 syncthing: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 syncthing: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 syncthing: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 golang-github-opencontainers-runtime-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-opencontainers-runtime-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-opencontainers-runtime-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42
Bugzilla
CVE-2025-58188 trayscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 trayscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
CVE-2025-58188 trayscale: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Bugzilla
CVE-2025-58188 golang-github-google-martian: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-google-martian: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-google-martian: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-etcd-bbolt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-etcd-bbolt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-etcd-bbolt: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedo
Bugzilla
CVE-2025-58188 golang-github-path-network-mmproxy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-path-network-mmproxy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-path-network-mmproxy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-
Bugzilla
CVE-2025-58188 golang-github-projectdiscovery-chaos-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-projectdiscovery-chaos-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-projectdiscovery-chaos-client: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42
Bugzilla
CVE-2025-58188 golang-github-markbates-pkger: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-markbates-pkger: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-markbates-pkger: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 golang-x-vuln: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-x-vuln: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-x-vuln: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 golang-github-moby-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-moby-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-moby-buildkit: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 gmailctl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 gmailctl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 gmailctl: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to
Bugzilla
CVE-2025-58188 kubernetes1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 kubernetes1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 kubernetes1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora'
Bugzilla
CVE-2025-58188 golang-k8s-kube-aggregator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-k8s-kube-aggregator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-k8s-kube-aggregator: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
I
Bugzilla
CVE-2025-58188 golang-github-rubenv-sql-migrate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-rubenv-sql-migrate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-rubenv-sql-migrate: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05
Bugzilla
CVE-2025-58188 golang-github-schollz-cli-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-schollz-cli-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-schollz-cli-2: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
Bugzilla
CVE-2025-58188 golang-github-redteampentesting-monsoon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-11-01·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-github-redteampentesting-monsoon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 golang-github-redteampentesting-monsoon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on
Bugzilla
CVE-2025-58188 cadvisor: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cadvisor: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cadvisor: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
---
FEDORA-EPEL-2026-4deb1b7241 (glow-2.1.2-1.el10_3) has been submitted as an upda
Bugzilla
CVE-2025-58188 cri-o: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-o: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-o: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 bpfman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 bpfman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 bpfman: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 buildah: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 buildah: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 buildah: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
FEDORA-2025-3ccd4113df (buildah-1.42.0-3.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-3ccd4113df
---
FEDORA-2025-3ccd41
Bugzilla
CVE-2025-58188 cri-tools1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-tools1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-tools1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 dnsx: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 dnsx: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 dnsx: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy t
Bugzilla
CVE-2025-58188 cri-tools1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-tools1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-tools1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 cri-tools1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-tools1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-tools1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 cri-tools1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-tools1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-tools1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 golang-etcd-bbolt: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 golang-etcd-bbolt: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
CVE-2025-58188 golang-etcd-bbolt: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
Bugzilla
CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [epel-10]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
Bugzilla
CVE-2025-58188 cheat: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cheat: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cheat: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 deepin-daemon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 deepin-daemon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 deepin-daemon: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 apache-cloudstack-cloudmonkey: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 apache-cloudstack-cloudmonkey: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 apache-cloudstack-cloudmonkey: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13
Bugzilla
CVE-2025-58188 cri-o1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-o1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-o1.29: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 dnscrypt-proxy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 dnscrypt-proxy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 dnscrypt-proxy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora'
Bugzilla
CVE-2025-58188 aerc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 aerc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 aerc: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy t
Bugzilla
CVE-2025-58188 cri-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-tools: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 cri-o1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-o1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-o1.31: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 cri-tools1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-tools1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-tools1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's
Bugzilla
CVE-2025-58188 deepin-api: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 deepin-api: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 deepin-api: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's po
Bugzilla
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-9]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-9]
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-9]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Bugzilla
CVE-2025-58188 asnmap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 asnmap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 asnmap: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 cri-o1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 cri-o1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 cri-o1.30: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol
Bugzilla
CVE-2025-58188 deepin-pw-check: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 deepin-pw-check: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 deepin-pw-check: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora
Bugzilla
CVE-2025-58188 butane: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 butane: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 butane: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 ceph: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 ceph: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 ceph: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy t
Bugzilla
CVE-2025-58188 OliveTin: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 OliveTin: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 OliveTin: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's poli
Bugzilla
CVE-2025-58188 clash-meta: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 clash-meta: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 clash-meta: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's po
Bugzilla
CVE-2025-58188 direnv: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 direnv: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 direnv: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 anubis: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 anubis: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 anubis: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-8]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-8]
CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [epel-8]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Bugzilla
CVE-2025-58188 chisel: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 chisel: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
CVE-2025-58188 chisel: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy
Bugzilla
CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [epel-9]
bugzilla·2025-10-31·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [epel-9]
CVE-2025-58188 fluent-bit: Panic when validating certificates with DSA public keys in crypto/x509 [epel-9]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
Bugzilla
CVE-2025-58188 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
bugzilla·2025-10-29·CVSS 7.5
CVE-2025-58188 [HIGH] CVE-2025-58188 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
CVE-2025-58188 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.
Discussion:
This CVE does not affect the bpfman package in Fedora.
CVE-2025-58188 is a vulnerability in Go's crypto/x509 package related to DSA public key certificate validation. The Fedora bpfman package does not build, ship, or use any Go code.
Evidence from the spec file (bpfman.spec):
Source0 (line 47): https://github.com/bpfman/bpfman/archive/refs/tags/v0.5.4.tar.gz
- Yes, this source tarball DOES contain Go code (visible in license breakdown line 38:
Wiz
CVE-2026-25793 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-25793 [HIGH] CVE-2026-25793 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-25793 :
Nebula vulnerability analysis and mitigation
Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates (which is not the default configuration), it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of the certificate with a different fingerprint. This issue has been patched in version 1.10.3.
Source : NVD
## 7.6
Score
Published February 6, 2026
Severity HIGH
CNA Score 7.6
Affected Technologies
Nebula
Wolfi
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 0.5
Exploitation Probability (EPSS) N/A
Affected packages and libraries
Wiz
GHSA-4c5f-9mj4-m247 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.0
CVE-2025-47907 [HIGH] GHSA-4c5f-9mj4-m247 Impact, Exploitability, and Mitigation Steps | Wiz
## GHSA-4c5f-9mj4-m247 :
vulnerability analysis and mitigation
## Summary
In 2025, several vulnerabilities in the Go Standard Library were disclosed, impacting Go-based applications like flagd (the evaluation engine for OpenFeature). These CVEs primarily focus on Denial of Service (DoS) through resource exhaustion and Race Conditions in database handling.
CVE-2025-47907
database/sql
7.0 (High)
Race Condition: Canceling a query during a Scan call can return data from the wrong query. Critical if flagd uses SQL-based sync providers (e.g., Postgres), potentially leading to incorrect flag configurations.
CVE-2025-61725
net/mail
7.5 (High)
DoS: Inefficient complexity in ParseAddress. Attackers can provide crafted email strings with large domain literals to exhaust CPU if flagd parse
2025-10-29
Published