Abrt and MinGW-LibPNG updates for Fedora

Fedora Linux 9179 Published by

Fedora has released updates for several packages to address security vulnerabilities. The first update affects Fedora 41 and involves an update to abrt (2.17.8-1.fc41) that fixes CVE-2025-12744, which allows command injection leading to local privilege escalation. Two other updates affect Fedora 42 and Fedora 43, updating the mingw-libpng package to version 1.6.51, which addresses multiple buffer overflow vulnerabilities (CVE-2025-64720, CVE-2025-65018, and CVE-2025-64506).

Fedora 41 Update: abrt-2.17.8-1.fc41
Fedora 42 Update: mingw-libpng-1.6.51-1.fc42
Fedora 43 Update: mingw-libpng-1.6.51-1.fc43




[SECURITY] Fedora 41 Update: abrt-2.17.8-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ed228a4b71
2025-12-09 01:38:29.846962+00:00
--------------------------------------------------------------------------------

Name : abrt
Product : Fedora 41
Version : 2.17.8
Release : 1.fc41
URL : https://abrt.readthedocs.org/
Summary : Automatic bug detection and reporting tool
Description :
abrt is a tool to help users to detect defects in applications and
to create a bug report with all information needed by maintainer to fix it.
It uses plugin system to extend its functionality.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2025-12744
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 4 2025 Michal Srb [michal@redhat.com] - 2.17.8-1
- a-a-save-container-data: validate input
- Resolves: CVE-2025-12744
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2418567 - CVE-2025-12744 abrt: Command-injection in ABRT leading to local privilege escalation [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2418567
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ed228a4b71' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: mingw-libpng-1.6.51-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-9d0f04f316
2025-12-09 01:10:36.252139+00:00
--------------------------------------------------------------------------------

Name : mingw-libpng
Product : Fedora 42
Version : 1.6.51
Release : 1.fc42
URL : http://www.libpng.org/pub/png/
Summary : MinGW Windows Libpng library
Description :
MinGW Windows Libpng library.

--------------------------------------------------------------------------------
Update Information:

Update to libpng-1.6.51.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 30 2025 Sandro Mani [manisandro@gmail.com] - 1.6.51-1
- Update to 1.6.51
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.6.50-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Fri Jul 18 2025 Sandro Mani [manisandro@gmail.com] - 1.6.50-1
- Update to 1.6.50
* Tue Jun 17 2025 Sandro Mani [manisandro@gmail.com] - 1.6.49-1
- Update to 1.6.49
* Tue May 6 2025 Sandro Mani [manisandro@gmail.com] - 1.6.48-1
- Update to 1.6.48
* Thu Feb 20 2025 Sandro Mani [manisandro@gmail.com] - 1.6.47-1
- Update to 1.6.47
* Fri Feb 7 2025 Sandro Mani [manisandro@gmail.com] - 1.6.46-1
- Update to 1.6.46
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2417439 - CVE-2025-64720 mingw-libpng: LIBPNG buffer overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2417439
[ 2 ] Bug #2417458 - CVE-2025-65018 mingw-libpng: LIBPNG heap buffer overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2417458
[ 3 ] Bug #2417468 - CVE-2025-64506 mingw-libpng: LIBPNG heap buffer over-read [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2417468
[ 4 ] Bug #2418413 - CVE-2025-64505 mingw-libpng: LIBPNG heap buffer overflow via malformed palette index [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418413
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-9d0f04f316' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 43 Update: mingw-libpng-1.6.51-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f54c75f2f9
2025-12-09 00:53:16.818498+00:00
--------------------------------------------------------------------------------

Name : mingw-libpng
Product : Fedora 43
Version : 1.6.51
Release : 1.fc43
URL : http://www.libpng.org/pub/png/
Summary : MinGW Windows Libpng library
Description :
MinGW Windows Libpng library.

--------------------------------------------------------------------------------
Update Information:

Update to libpng-1.6.51.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 30 2025 Sandro Mani [manisandro@gmail.com] - 1.6.51-1
- Update to 1.6.51
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2417472 - CVE-2025-64720 mingw-libpng: LIBPNG buffer overflow [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2417472
[ 2 ] Bug #2417486 - CVE-2025-65018 mingw-libpng: LIBPNG heap buffer overflow [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2417486
[ 3 ] Bug #2417491 - CVE-2025-64506 mingw-libpng: LIBPNG heap buffer over-read [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2417491
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f54c75f2f9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--


LibreOffice 25.8.3 released

Kernel, NodeJS, RPM, and more updates for Oracle Linux

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...