A Chromium security update has been released for Fedora Linux:

Fedora 42 Update: chromium-138.0.7204.49-1.fc42




--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1a665fa5c8
2025-06-30 02:21:06.058664+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 42
Version : 138.0.7204.49
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 138.0.7204.49
CVE-2025-6555: Use after free in Animation
CVE-2025-6556: Insufficient policy enforcement in Loader
CVE-2025-6557: Insufficient data validation in DevTools
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 24 2025 Than Ngo [than@redhat.com] - 138.0.7204.49-1
- Update to 138.0.7204.49
* CVE-2025-6555: Use after free in Animation
* CVE-2025-6556: Insufficient policy enforcement in Loader
* CVE-2025-6557: Insufficient data validation in DevTools
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2374686 - CVE-2025-6555 chromium: Chromium use after free vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374686
[ 2 ] Bug #2374687 - CVE-2025-6557 chromium: Chromium data validation vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374687
[ 3 ] Bug #2374688 - CVE-2025-6556 chromium: Chromium policy enforcement vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374688
[ 4 ] Bug #2374689 - CVE-2025-6555 chromium: Chromium use after free vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374689
[ 5 ] Bug #2374690 - CVE-2025-6556 chromium: Chromium policy enforcement vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374690
[ 6 ] Bug #2374691 - CVE-2025-6557 chromium: Chromium data validation vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2374691
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1a665fa5c8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
