Bug 2354422
| Summary: | CVE-2025-30204 golang-github-prometheus: jwt-go allows excessive memory allocation during header parsing [fedora-41] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Robb Gatica <rgatica> |
| Component: | golang-github-prometheus | Assignee: | Mikel Olasagasti Uranga <mikel> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 41 | CC: | go-sig, iwaim.sub, mark.e.fuller, mikel |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | {"flaws": ["95a9dde5-6090-4836-a6ca-cacc3443099b"]} | ||
| Fixed In Version: | golang-github-prometheus-2.55.1-1.fc43 | Doc Type: | --- |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2025-07-17 08:42:35 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2354195 | ||
|
Description
Robb Gatica
2025-03-24 03:02:25 UTC
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component. This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component. FEDORA-2025-3afa669ec0 (golang-github-prometheus-2.55.1-1.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2025-3afa669ec0 FEDORA-2025-3afa669ec0 (golang-github-prometheus-2.55.1-1.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report. |