Chromium, Udisks, Python-Pycares, .NET, Beanutils, mediawiki, MinGW-Python-Setuptools updates for Fedora

Fedora Linux 9021 Published by

Fedora Linux has been updated with various security enhancements, encompassing chromium, udisks, python-pycares, dotnet, apache-commons-beanutils, mediawiki, and mingw-python-setuptools:

Fedora 42 Update: chromium-137.0.7151.119-1.fc42
Fedora 42 Update: udisks2-2.10.90-3.fc42
Fedora 42 Update: python-pycares-4.9.0-1.fc42
Fedora 42 Update: dotnet9.0-9.0.107-1.fc42
Fedora 42 Update: apache-commons-beanutils-1.9.4-39.fc42
Fedora 42 Update: mediawiki-1.43.1-1.fc42
Fedora 41 Update: mingw-python-setuptools-78.1.1-1.fc41
Fedora 42 Update: mingw-python-setuptools-78.1.1-1.fc42




[SECURITY] Fedora 42 Update: chromium-137.0.7151.119-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b434717c22
2025-06-22 05:57:57.824627+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 42
Version : 137.0.7151.119
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 137.0.7151.119
* CVE-2025-6191: Integer overflow in V8
* CVE-2025-6192: Use after free in Profiler
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 18 2025 Than Ngo [than@redhat.com] - 137.0.7151.119-1
- Update to 137.0.7151.119
* CVE-2025-6191: Integer overflow in V8
* CVE-2025-6192: Use after free in Profiler
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373778 - CVE-2025-6192 chromium: Chromium use after free [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2373778
[ 2 ] Bug #2373780 - CVE-2025-6191 chromium: Chromium integer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2373780
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b434717c22' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: udisks2-2.10.90-3.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6ef0c40f95
2025-06-22 05:57:57.824605+00:00
--------------------------------------------------------------------------------

Name : udisks2
Product : Fedora 42
Version : 2.10.90
Release : 3.fc42
URL : https://github.com/storaged-project/udisks
Summary : Disk Manager
Description :
The Udisks project provides a daemon, tools and libraries to access and
manipulate disks, storage devices and technologies.

--------------------------------------------------------------------------------
Update Information:

Harden temporary private mounts (#2373301)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Tomas Bzatek [tbzatek@redhat.com] - 2.10.90-3
- Harden temporary private mounts (#2373301)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373301 - libblockdev allegedly exploitable via the udisks daemon included by default on most Linux distributions, and allows an ???allow_active??? user to gain full root privileges (CVE-2025-6019)
https://bugzilla.redhat.com/show_bug.cgi?id=2373301
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6ef0c40f95' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 42 Update: python-pycares-4.9.0-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-31830e02b0
2025-06-22 05:57:57.824541+00:00
--------------------------------------------------------------------------------

Name : python-pycares
Product : Fedora 42
Version : 4.9.0
Release : 1.fc42
URL : https://github.com/saghul/pycares
Summary : Python interface for c-ares
Description :
pycares is a Python module which provides an interface to
c-ares. c-ares is a C library that performs DNS requests and name
resolutions asynchronously.

--------------------------------------------------------------------------------
Update Information:

4.9.0
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 13 2025 Gwyn Ciesla [gwync@protonmail.com] - 4.9.0-1
- 4.9.0
* Tue Jun 3 2025 Python Maint - 4.8.0-2
- Rebuilt for Python 3.14
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2372603 - python-pycares-4.9.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2372603
[ 2 ] Bug #2373112 - CVE-2025-48945 python-pycares: pycares Channel Use-After-Free [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373112
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-31830e02b0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: dotnet9.0-9.0.107-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-77d16adbcd
2025-06-22 05:57:57.824525+00:00
--------------------------------------------------------------------------------

Name : dotnet9.0
Product : Fedora 42
Version : 9.0.107
Release : 1.fc42
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating
cross platform applications that work on Linux, macOS and Windows.

It particularly focuses on creating console applications, web
applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of
framework libraries, an SDK containing compilers and a 'dotnet'
application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the .NET monthly update for June 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.6/9.0.107.md
Runtime: https://github.com/dotnet/core/blob/main/release-
notes/9.0/9.0.6/9.0.6.md
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 10 2025 Omair Majid [omajid@redhat.com] - 9.0.107-1
- Update to .NET SDK 9.0.107 and Runtime 9.0.6
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-77d16adbcd' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: apache-commons-beanutils-1.9.4-39.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-48e8e5f8ed
2025-06-22 05:57:57.824474+00:00
--------------------------------------------------------------------------------

Name : apache-commons-beanutils
Product : Fedora 42
Version : 1.9.4
Release : 39.fc42
URL : https://commons.apache.org/proper/commons-beanutils/
Summary : Java utility methods for accessing and modifying the properties of arbitrary JavaBeans
Description :
The scope of this package is to create a package of Java utility methods
for accessing and modifying the properties of arbitrary JavaBeans. No
dependencies outside of the JDK are required, so the use of this package
is very lightweight.

--------------------------------------------------------------------------------
Update Information:

Fix improper access control vulnerability
Resolves: CVE-2025-48734
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 13 2025 Mikolaj Izdebski [mizdebsk@redhat.com] - 1.9.4-39
- Fix improper access control vulnerability
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2369090 - CVE-2025-48734 apache-commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2369090
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-48e8e5f8ed' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: mediawiki-1.43.1-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-01bd4e4d20
2025-06-22 05:57:57.824370+00:00
--------------------------------------------------------------------------------

Name : mediawiki
Product : Fedora 42
Version : 1.43.1
Release : 1.fc42
URL : https://www.mediawiki.org/
Summary : A wiki engine
Description :
MediaWiki is the software used for Wikipedia and the other Wikimedia
Foundation websites. Compared to other wikis, it has an excellent
range of features and support for high-traffic websites using multiple
servers

This package supports wiki farms. Read the instructions for creating wiki
instances under /usr/share/doc/mediawiki/README.RPM.
Remember to remove the config dir after completing the configuration.

--------------------------------------------------------------------------------
Update Information:

https://lists.wikimedia.org/hyperkitty/list/mediawiki-
announce@lists.wikimedia.org/thread/OXIGQIHBL26HFKG6TT5SWSH7K7W6RO4H/
https://phabricator.wikimedia.org/T382326
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 12 2025 Michael Cronenworth [mike@cchtml.com] - 1.43.1-1
- Update to 1.43.1
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-01bd4e4d20' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: mingw-python-setuptools-78.1.1-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b2fa8a1954
2025-06-23 01:12:31.832207+00:00
--------------------------------------------------------------------------------

Name : mingw-python-setuptools
Product : Fedora 41
Version : 78.1.1
Release : 1.fc41
URL : https://pypi.python.org/pypi/setuptools
Summary : MinGW Windows Python setuptools library
Description :
MinGW Windows Python setuptools library.

--------------------------------------------------------------------------------
Update Information:

Update to 78.1.1, fixes CVE-2025-47273.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 29 2025 Sandro Mani [manisandro@gmail.com] - 78.1.1-1
- Update to 78.1.1
* Fri Mar 28 2025 Sandro Mani [manisandro@gmail.com] - 78.1.0-1
- Update to 78.1.0
* Fri Jan 17 2025 Fedora Release Engineering [releng@fedoraproject.org] - 74.1.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Tue Jan 7 2025 Sandro Mani [manisandro@gmail.com] - 74.1.3-4
- Add mingw-python-setuptools-shlib-suffix.patch
* Sun Dec 8 2024 Sandro Mani [manisandro@gmail.com] - 74.1.3-3
- Add mingw-python-setuptools_nostrip.patch
* Fri Nov 29 2024 Sandro Mani [manisandro@gmail.com] - 74.1.3-2
- Add mingw-python-setuptools_is_mingw.patch
* Sat Nov 9 2024 Sandro Mani [manisandro@gmail.com] - 74.1.3-1
- Update to 74.1.3
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2372612 - CVE-2025-47273 mingw-python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372612
[ 2 ] Bug #2372614 - CVE-2025-47273 mingw-python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372614
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b2fa8a1954' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: mingw-python-setuptools-78.1.1-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-db489d66e3
2025-06-23 00:52:49.739798+00:00
--------------------------------------------------------------------------------

Name : mingw-python-setuptools
Product : Fedora 42
Version : 78.1.1
Release : 1.fc42
URL : https://pypi.python.org/pypi/setuptools
Summary : MinGW Windows Python setuptools library
Description :
MinGW Windows Python setuptools library.

--------------------------------------------------------------------------------
Update Information:

Update to 78.1.1, fixes CVE-2025-47273.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 29 2025 Sandro Mani [manisandro@gmail.com] - 78.1.1-1
- Update to 78.1.1
* Fri Mar 28 2025 Sandro Mani [manisandro@gmail.com] - 78.1.0-1
- Update to 78.1.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2372612 - CVE-2025-47273 mingw-python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2372612
[ 2 ] Bug #2372614 - CVE-2025-47273 mingw-python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2372614
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-db489d66e3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--


KDE neon 20250622 released

GDK-Pixbuf security update for Debian 12

Windows

Linux

macOS

Community

  • Artsyl
    ONTARIO, CANADA – April 23, 2025 – Artsyl Technologies, ...
  • Artsyl
    π˜–π˜―π˜΅π˜’π˜³π˜ͺ𝘰, 𝘊𝘒𝘯𝘒π˜₯𝘒 β€” π˜‘π˜Άπ˜―π˜¦ 18, 2025 β€” π—”π—Ώπ˜π˜€π˜†π—Ή π—§π—²π—°π—΅π—»π—Όπ—Ήπ—Όπ—΄π—Άπ—²π˜€, I ...
  • Artsyl
    May 28, 2025 – Ontario, Canada β€” Artsyl Technologies, a ...