
Fedora has released updates for several packages to address security vulnerabilities. The expat package, an XML parser library, has been rebased to version 2.7.2 with bug fixes; its advisory references CVE-2025-59375. The libssh package, a library implementing the SSH protocol, has been updated to fix two security weaknesses (CVE-2025-8114 and CVE-2025-8277). Updates have also been released for webkitgtk, fixing four security vulnerabilities (CVE-2025-43272, CVE-2025-43342, CVE-2025-43356, and CVE-2025-43368), and for chromium, a WebKit (Blink) powered web browser, to address several security issues.

Fedora 41 Update: expat-2.7.2-1.fc41
Fedora 41 Update: libssh-0.11.3-1.fc41
Fedora 42 Update: webkitgtk-2.50.0-1.fc42
Fedora 43 Update: chromium-140.0.7339.185-1.fc43




[SECURITY] Fedora 41 Update: expat-2.7.2-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d936540ef5
2025-09-24 15:53:08.490048+00:00
--------------------------------------------------------------------------------

Name : expat
Product : Fedora 41
Version : 2.7.2
Release : 1.fc41
URL : https://libexpat.github.io/
Summary : An XML parser library
Description :
This is expat, the C library for parsing XML, written by James Clark. Expat
is a stream oriented XML parser. This means that you register handlers with
the parser prior to starting the parse. These handlers are called when the
parser discovers the associated structures in the document being parsed. A
start tag is an example of the kind of structures for which you may
register handlers.

--------------------------------------------------------------------------------
Update Information:

Rebase to 2.7.2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 17 2025 Tomas Korbar [tkorbar@redhat.com] - 2.7.2-1
- Rebase to 2.7.2
* Wed Jul 23 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.7.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Mon Jun 9 2025 psklenar@redhat.com [psklenar@redhat.com] - 2.7.1-2
- fedora CI plans move to gitlab for centos-stream test space
https://issues.redhat.com/browse/RHELMISC-13073
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2395119 - CVE-2025-59375 expat: From CVEorg collector [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2395119
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d936540ef5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------




[SECURITY] Fedora 41 Update: libssh-0.11.3-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-88ec28aaee
2025-09-24 15:53:08.490000+00:00
--------------------------------------------------------------------------------

Name : libssh
Product : Fedora 41
Version : 0.11.3
Release : 1.fc41
URL : http://www.libssh.org
Summary : A library implementing the SSH protocol
Description :
The ssh library was designed to be used by programmers needing a working SSH
implementation by the mean of a library. The complete control of the client is
made by the programmer. With libssh, you can remotely execute programs, transfer
files, use a secure and transparent tunnel for your remote programs. With its
Secure FTP implementation, you can play with remote files easily, without
third-party programs others than libcrypto (from openssl).

--------------------------------------------------------------------------------
Update Information:

New upstream release fixing the following security weaknesses (CVE-2025-8114,
CVE-2025-8277)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 9 2025 Jakub Jelen [jjelen@redhat.com] - 0.11.3-1
- New upstream release fixing the following security weaknesses:
  - CVE-2025-8114: Fix NULL pointer dereference after allocation failure
  - CVE-2025-8277: Fix memory leak of ephemeral key pair during repeated wrong KEX
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.11.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2383236 - Private bug
https://bugzilla.redhat.com/show_bug.cgi?id=2383236
[ 2 ] Bug #2394021 - libssh-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2394021
[ 3 ] Bug #2394047 - CVE-2025-8277 libssh: Memory Exhaustion via Repeated Key Exchange in libssh [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2394047
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-88ec28aaee' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------




[SECURITY] Fedora 42 Update: webkitgtk-2.50.0-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-fcc043d407
2025-09-25 01:04:37.279331+00:00
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 42
Version : 2.50.0
Release : 1.fc42
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Update to 2.50.0:
- Improved rendering performance by recording each layer once and replaying every
  dirty region in different worker threads.
- Enable damage propagation to the UI process by default.
- CSS property font-variant-emoji is now enabled by default.
- Font synthesis properties (bold/italic) are now properly handled.
- Ensure web view is focused on tap gesture.
- Added new API to get the theme color of a WebKitWebView.
- Fix CVE-2025-43272, CVE-2025-43342, CVE-2025-43356, CVE-2025-43368
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 19 2025 Michael Catanzaro [mcatanzaro@redhat.com] - 2.50.0-1
- Update to 2.50.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2397882 - CVE-2025-43368 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2397882
[ 2 ] Bug #2397887 - CVE-2025-43356 webkitgtk: A website may be able to access sensor information without user consent [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2397887
[ 3 ] Bug #2397892 - CVE-2025-43342 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2397892
[ 4 ] Bug #2397897 - CVE-2025-43272 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2397897
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-fcc043d407' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------




[SECURITY] Fedora 43 Update: chromium-140.0.7339.185-1.fc43


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2cec357f64
2025-09-25 00:15:47.567867+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 43
Version : 140.0.7339.185
Release : 1.fc43
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

- Update to 140.0.7339.185
  * CVE-2025-10585: Type Confusion in V8
  * CVE-2025-10500: Use after free in Dawn
  * CVE-2025-10501: Use after free in WebRTC
  * CVE-2025-10502: Heap buffer overflow in ANGLE
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 17 2025 Than Ngo [than@redhat.com] - 140.0.7339.185-1
- Update to 140.0.7339.185
  * CVE-2025-10585: Type Confusion in V8
  * CVE-2025-10500: Use after free in Dawn
  * CVE-2025-10501: Use after free in WebRTC
  * CVE-2025-10502: Heap buffer overflow in ANGLE
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2397662 - CVE-2025-10585 chromium: Google Chromium V8 Type Confusion Vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2397662
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2cec357f64' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

--------------------------------------------------------------------------------
