Fedora 43 has received two updates: chromium-145.0.7632.116-1.fc43 and gimp-3.0.8-5.fc43, both addressing security issues. The chromium update fixes three vulnerabilities (CVE-2026-3061, CVE-2026-3062, and CVE-2026-3063) that affect the browser's media, tint, and DevTools functionality. The gimp update resolves a vulnerability in the PSD file loader (CVE-2026-2239), which could cause a denial of service attack.

Fedora 43 Update: chromium-145.0.7632.116-1.fc43
Fedora 43 Update: gimp-3.0.8-5.fc43

[SECURITY] Fedora 43 Update: chromium-145.0.7632.116-1.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-2e8248f158
2026-03-01 00:52:28.948322+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 43
Version : 145.0.7632.116
Release : 1.fc43
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 145.0.7632.116
* CVE-2026-3061: Out of bounds read in Media
* CVE-2026-3062: Out of bounds read and write in Tint
* CVE-2026-3063: Inappropriate implementation in DevTools
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 24 2026 Than Ngo [than@redhat.com] - 145.0.7632.116-1
- Update to 145.0.7632.116
* CVE-2026-3061: Out of bounds read in Media
* CVE-2026-3062: Out of bounds read and write in Tint
* CVE-2026-3063: Inappropriate implementation in DevTools
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-2e8248f158' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

[SECURITY] Fedora 43 Update: gimp-3.0.8-5.fc43

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-3e21dad421
2026-03-01 00:52:28.948310+00:00
--------------------------------------------------------------------------------

Name : gimp
Product : Fedora 43
Version : 3.0.8
Release : 5.fc43
URL : https://www.gimp.org
Summary : GNU Image Manipulation Program
Description :
GIMP (GNU Image Manipulation Program) is a powerful image composition and
editing program, which can be extremely useful for creating logos and other
graphics for web pages. GIMP has many of the tools and filters you would expect
to find in similar commercial offerings, and some interesting extras as well.
GIMP provides a large image manipulation toolbox, including channel operations
and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all
with multi-level undo.

--------------------------------------------------------------------------------
Update Information:

This is a security update fixing the loader for PSD files.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 26 2026 Nils Philippsen [nils@tiptoe.de] - 2:3.0.8-5
- Fix overflows and crashes in the PSD loader
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2437677 - CVE-2026-2239 gimp: GIMP: Denial of Service via crafted PSD file due to heap-buffer-overflow [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2437677
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-3e21dad421' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new