Fedora Linux 8861 Published by

Both Fedora Linux 40 and 41 have been updated with security updates for Chromium and MediaWiki:

Fedora 40 Update: chromium-132.0.6834.110-1.fc40
Fedora 40 Update: mediawiki-1.41.5-1.fc40
Fedora 41 Update: chromium-132.0.6834.110-1.fc41
Fedora 41 Update: mediawiki-1.41.5-1.fc41




[SECURITY] Fedora 40 Update: chromium-132.0.6834.110-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-5d89c826ff
2025-01-26 01:57:19.966250+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 40
Version : 132.0.6834.110
Release : 1.fc40
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 132.0.6834.110
High CVE-2025-0611: Object corruption in V8
High CVE-2025-0612: Out of bounds memory access in V8
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 23 2025 Than Ngo [than@redhat.com] - 132.0.6834.110-1
- Update to 132.0.6834.110
* High CVE-2025-0611: Object corruption in V8
* High CVE-2025-0612: Out of bounds memory access in V8
* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 132.0.6834.83-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2341634 - CVE-2025-0611 chromium: Object corruption in V8 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341634
[ 2 ] Bug #2341635 - CVE-2025-0611 chromium: Object corruption in V8 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341635
[ 3 ] Bug #2341636 - CVE-2025-0612 chromium: Out of bounds memory access in V8 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341636
[ 4 ] Bug #2341637 - CVE-2025-0612 chromium: Out of bounds memory access in V8 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341637
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-5d89c826ff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: mediawiki-1.41.5-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-11277f6779
2025-01-26 01:57:19.966224+00:00
--------------------------------------------------------------------------------

Name : mediawiki
Product : Fedora 40
Version : 1.41.5
Release : 1.fc40
URL : https://www.mediawiki.org/
Summary : A wiki engine
Description :
MediaWiki is the software used for Wikipedia and the other Wikimedia
Foundation websites. Compared to other wikis, it has an excellent
range of features and support for high-traffic websites using multiple
servers

This package supports wiki farms. Read the instructions for creating wiki
instances under /usr/share/doc/mediawiki/README.RPM.
Remember to remove the config dir after completing the configuration.

--------------------------------------------------------------------------------
Update Information:

https://lists.wikimedia.org/hyperkitty/list/wikitech-
l@lists.wikimedia.org/thread/PFTE5RHUERS6KTUGGRZO7XXV5THNJ77E/
https://lists.wikimedia.org/hyperkitty/list/mediawiki-
announce@lists.wikimedia.org/thread/5NYC4UZLY3MWQZ6DYJAUQRJG2ZHZFBJ6/
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 16 2025 Michael Cronenworth [mike@cchtml.com] - 1.41.5-1
- Update to 1.41.5
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1.41.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2316896 - CVE-2024-47848 mediawiki: User can review/unreview articles while blocked [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2316896
[ 2 ] Bug #2338424 - CVE on mediawiki 1.41.2
https://bugzilla.redhat.com/show_bug.cgi?id=2338424
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-11277f6779' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: chromium-132.0.6834.110-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-eb2f4a2306
2025-01-26 01:01:24.562687+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 41
Version : 132.0.6834.110
Release : 1.fc41
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 132.0.6834.110
High CVE-2025-0611: Object corruption in V8
High CVE-2025-0612: Out of bounds memory access in V8
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 23 2025 Than Ngo [than@redhat.com] - 132.0.6834.110-1
- Update to 132.0.6834.110
* High CVE-2025-0611: Object corruption in V8
* High CVE-2025-0612: Out of bounds memory access in V8
* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 132.0.6834.83-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2341634 - CVE-2025-0611 chromium: Object corruption in V8 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341634
[ 2 ] Bug #2341635 - CVE-2025-0611 chromium: Object corruption in V8 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341635
[ 3 ] Bug #2341636 - CVE-2025-0612 chromium: Out of bounds memory access in V8 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341636
[ 4 ] Bug #2341637 - CVE-2025-0612 chromium: Out of bounds memory access in V8 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2341637
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-eb2f4a2306' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: mediawiki-1.41.5-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-25b16d6561
2025-01-26 01:01:24.562643+00:00
--------------------------------------------------------------------------------

Name : mediawiki
Product : Fedora 41
Version : 1.41.5
Release : 1.fc41
URL : https://www.mediawiki.org/
Summary : A wiki engine
Description :
MediaWiki is the software used for Wikipedia and the other Wikimedia
Foundation websites. Compared to other wikis, it has an excellent
range of features and support for high-traffic websites using multiple
servers

This package supports wiki farms. Read the instructions for creating wiki
instances under /usr/share/doc/mediawiki/README.RPM.
Remember to remove the config dir after completing the configuration.

--------------------------------------------------------------------------------
Update Information:

https://lists.wikimedia.org/hyperkitty/list/wikitech-
l@lists.wikimedia.org/thread/PFTE5RHUERS6KTUGGRZO7XXV5THNJ77E/
https://lists.wikimedia.org/hyperkitty/list/mediawiki-
announce@lists.wikimedia.org/thread/5NYC4UZLY3MWQZ6DYJAUQRJG2ZHZFBJ6/
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 16 2025 Michael Cronenworth [mike@cchtml.com] - 1.41.5-1
- Update to 1.41.5
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2316896 - CVE-2024-47848 mediawiki: User can review/unreview articles while blocked [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2316896
[ 2 ] Bug #2338424 - CVE on mediawiki 1.41.2
https://bugzilla.redhat.com/show_bug.cgi?id=2338424
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-25b16d6561' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--