
Fedora has released security updates for two packages: Chromium 141.0.7390.107 and gi-docgen 2025.5. The Chromium update fixes CVE-2025-11756, a high-severity use after free in Safe Browsing, and the gi-docgen update fixes a reflected DOM XSS issue (CVE-2025-11687). The severity of the gi-docgen vulnerability depends on what else is hosted on the same domain as the documentation.

Fedora 41 Update: chromium-141.0.7390.107-1.fc41
Fedora 41 Update: gi-docgen-2025.5-1.fc41
Fedora 42 Update: gi-docgen-2025.5-1.fc42




[SECURITY] Fedora 41 Update: chromium-141.0.7390.107-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3ec3fcd759
2025-10-21 01:40:08.522829+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 41
Version : 141.0.7390.107
Release : 1.fc41
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update 141.0.7390.107
* High CVE-2025-11756: Use after free in Safe Browsing
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 15 2025 Than Ngo [than@redhat.com] - 141.0.7390.107-1
- Update 141.0.7390.107
* High CVE-2025-11756: Use after free in Safe Browsing
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2403507 - CVE-2025-11756 - Update chromium to 141.0.7390.107 [fedora-all, epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2403507
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3ec3fcd759' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------




[SECURITY] Fedora 41 Update: gi-docgen-2025.5-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-52dc5ac7d9
2025-10-21 01:40:08.522799+00:00
--------------------------------------------------------------------------------

Name : gi-docgen
Product : Fedora 41
Version : 2025.5
Release : 1.fc41
URL : https://gitlab.gnome.org/GNOME/gi-docgen
Summary : Documentation tool for GObject-based libraries
Description :
GI-DocGen is a document generator for GObject-based libraries. GObject is the
base type system of the GNOME project. GI-Docgen reuses the introspection data
generated by GObject-based libraries to generate the API reference of these
libraries, as well as other ancillary documentation.

GI-DocGen is not a general purpose documentation tool for C libraries.

While GI-DocGen can be used to generate API references for most GObject/C
libraries that expose introspection data, its main goal is to generate the
reference for GTK and its immediate dependencies. Any and all attempts at
making this tool more generic, or to cover more use cases, will be weighted
heavily against its primary goal.

GI-DocGen is still in development. The recommended use of GI-DocGen is to add
it as a sub-project to your Meson build system, and vendor it when releasing
dist archives.

You should not depend on a system-wide installation until GI-DocGen is declared
stable.

--------------------------------------------------------------------------------
Update Information:

gi-docgen 2025.5 - 2025-10-11
This is a security fix for CVE-2025-11687. "The severity of this issue depends
on what else is hosted on the same domain as the docs. XSS on a website that
hosts only gi-docgen docs and nothing else is likely harmless."
Fixed
Make sure to escape query strings
--------------------------------------------------------------------------------
ChangeLog:

* Sat Oct 11 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 2025.5-1
- Update to 2025.5 (close RHBZ#2403282)
* Fri Sep 19 2025 Python Maint - 2025.4-5
- Rebuilt for Python 3.14.0rc3 bytecode
* Fri Aug 15 2025 Python Maint - 2025.4-4
- Rebuilt for Python 3.14.0rc2 bytecode
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2025.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2403282 - gi-docgen-2025.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2403282
[ 2 ] Bug #2403539 - CVE-2025-11687 gi-docgen: Reflected DOM XSS in gi-docgen [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2403539
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-52dc5ac7d9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: gi-docgen-2025.5-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b4184a589e
2025-10-21 01:00:14.394328+00:00
--------------------------------------------------------------------------------

Name : gi-docgen
Product : Fedora 42
Version : 2025.5
Release : 1.fc42
URL : https://gitlab.gnome.org/GNOME/gi-docgen
Summary : Documentation tool for GObject-based libraries
Description :
GI-DocGen is a document generator for GObject-based libraries. GObject is the
base type system of the GNOME project. GI-Docgen reuses the introspection data
generated by GObject-based libraries to generate the API reference of these
libraries, as well as other ancillary documentation.

GI-DocGen is not a general purpose documentation tool for C libraries.

While GI-DocGen can be used to generate API references for most GObject/C
libraries that expose introspection data, its main goal is to generate the
reference for GTK and its immediate dependencies. Any and all attempts at
making this tool more generic, or to cover more use cases, will be weighted
heavily against its primary goal.

GI-DocGen is still in development. The recommended use of GI-DocGen is to add
it as a sub-project to your Meson build system, and vendor it when releasing
dist archives.

You should not depend on a system-wide installation until GI-DocGen is declared
stable.

--------------------------------------------------------------------------------
Update Information:

gi-docgen 2025.5 - 2025-10-11
This is a security fix for CVE-2025-11687. "The severity of this issue depends
on what else is hosted on the same domain as the docs. XSS on a website that
hosts only gi-docgen docs and nothing else is likely harmless."
Fixed
Make sure to escape query strings
--------------------------------------------------------------------------------
ChangeLog:

* Sat Oct 11 2025 Benjamin A. Beasley [code@musicinmybrain.net] - 2025.5-1
- Update to 2025.5 (close RHBZ#2403282)
* Fri Sep 19 2025 Python Maint - 2025.4-5
- Rebuilt for Python 3.14.0rc3 bytecode
* Fri Aug 15 2025 Python Maint - 2025.4-4
- Rebuilt for Python 3.14.0rc2 bytecode
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2025.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2403282 - gi-docgen-2025.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2403282
[ 2 ] Bug #2403540 - CVE-2025-11687 gi-docgen: Reflected DOM XSS in gi-docgen [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2403540
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b4184a589e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------