Fedora Linux has received several security updates, including golang, transfig, yasm, firefox, libinput and transfig:

Fedora 41 Update: golang-1.23.11-1.fc41
Fedora 41 Update: transfig-3.2.9a^20250619.ee3f4d8-1.fc41
Fedora 41 Update: yasm-1.3.0^20250625git121ab15-1.fc41
Fedora 42 Update: firefox-141.0-2.fc42
Fedora 42 Update: libinput-1.28.903-1.fc42
Fedora 42 Update: transfig-3.2.9a^20250619.ee3f4d8-2.fc42

[SECURITY] Fedora 41 Update: golang-1.23.11-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ef6e0fa117
2025-07-23 01:14:06.280640+00:00
--------------------------------------------------------------------------------

Name : golang
Product : Fedora 41
Version : 1.23.11
Release : 1.fc41
URL : https://go.dev
Summary : The Go Programming Language
Description :
The Go Programming Language.

--------------------------------------------------------------------------------
Update Information:

go1.23.11 (released 2025-07-08) includes security fixes to the go command, as
well as bug fixes to the compiler, the linker, and the runtime. See the issue
tracker for details.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 14 2025 Packit [hello@packit.dev] - 1.23.11-1
- Update to 1.23.11 upstream release
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ef6e0fa117' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: transfig-3.2.9a^20250619.ee3f4d8-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-465f43da19
2025-07-23 01:14:06.280613+00:00
--------------------------------------------------------------------------------

Name : transfig
Product : Fedora 41
Version : 3.2.9a^20250619.ee3f4d8
Release : 1.fc41
URL : https://sourceforge.net/projects/mcj/
Summary : Utility for converting FIG files (made by xfig) to other formats
Description :
The transfig utility creates a makefile which translates FIG (created
by xfig) or PIC figures into a specified LaTeX graphics language (for
example, PostScript(TM)). Transfig is used to create TeX documents
which are portable (i.e., they can be printed in a wide variety of
environments).

Install transfig if you need a utility for translating FIG or PIC
figures into certain graphics languages.

--------------------------------------------------------------------------------
Update Information:

Update to latest upstream snapshot ee3f4d841d1ba7d5b1b57544c5068822ca92b1af
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Marian Koncek [mkoncek@redhat.com] - 1:3.2.9a^20250619.ee3f4d8-1
- Update to latest upstream snapshot ee3f4d841d1ba7d5b1b57544c5068822ca92b1af
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373186 - CVE-2025-46399 transfig: Fig2dev Segmentation Fault Vulnerability [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373186
[ 2 ] Bug #2373192 - CVE-2025-46400 transfig: fig2dev segmentation fault in read_arcobject [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373192
[ 3 ] Bug #2373195 - CVE-2025-46398 transfig: fig2dev stack-overflow via read_objects [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373195
[ 4 ] Bug #2373197 - CVE-2025-46397 transfig: fig2dev stack-overflow [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2373197
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-465f43da19' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 41 Update: yasm-1.3.0^20250625git121ab15-1.fc41

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-5bd2ac3698
2025-07-23 01:14:06.280578+00:00
--------------------------------------------------------------------------------

Name : yasm
Product : Fedora 41
Version : 1.3.0^20250625git121ab15
Release : 1.fc41
URL : http://yasm.tortall.net/
Summary : Modular Assembler
Description :
Yasm is a complete rewrite of the NASM assembler under the "new" BSD License
(some portions are under other licenses, see COPYING for details). It is
designed from the ground up to allow for multiple assembler syntaxes to be
supported (eg, NASM, TASM, GAS, etc.) in addition to multiple output object
formats and even multiple instruction sets. Another primary module of the
overall design is an optimizer module.

--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2024-22653 .
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 15 2025 Dominik Mierzejewski [dominik@greysector.net] - 1.3.0^20250625git121ab15-1
- update to git 121ab15
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1.3.0^20230922git9defefa-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
- fix build with GCC 15
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2369457 - CVE-2024-22653 yasm: Null pointer dereference in yasm [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2369457
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-5bd2ac3698' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: firefox-141.0-2.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-81e513fb49
2025-07-23 00:57:56.630668+00:00
--------------------------------------------------------------------------------

Name : firefox
Product : Fedora 42
Version : 141.0
Release : 2.fc42
URL : https://www.mozilla.org/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

Updated to latest upstream (141.0)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 18 2025 Martin Stransky [stransky@redhat.com] - 141.0-2
- Respin 141.0 build 2
* Thu Jul 17 2025 Martin Stransky [stransky@redhat.com] - 141.0-1
- Update to latest upstream (141.0)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-81e513fb49' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: libinput-1.28.903-1.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-deb3a02c42
2025-07-23 00:57:56.630656+00:00
--------------------------------------------------------------------------------

Name : libinput
Product : Fedora 42
Version : 1.28.903
Release : 1.fc42
URL : http://www.freedesktop.org/wiki/Software/libinput/
Summary : Input device library
Description :
libinput is a library that handles input devices for display servers and other
applications that need to directly deal with input devices.

It provides device detection, device handling, input device event processing
and abstraction so minimize the amount of custom input code the user of
libinput need to provide the common set of functionality that users expect.

--------------------------------------------------------------------------------
Update Information:

libinput 1.28.903 - fixes key events accidentally printed (and thus logged to
the system log) if debug logs were enabled at the compositor level.
Only affects the recent 1.28.901 and 1.28.902 releases, mutter/wlroots are
unaffected but kwin and Xorg may log depending on whether the user has
enabled debug logging (which is unlikely).
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 21 2025 Peter Hutterer [peter.hutterer@redhat.com] - 1.28.903-1
- libinput 1.28.903 (#2382208)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2382208 - libinput potentially logs key codes into system logs
https://bugzilla.redhat.com/show_bug.cgi?id=2382208
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-deb3a02c42' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--

[SECURITY] Fedora 42 Update: transfig-3.2.9a^20250619.ee3f4d8-2.fc42

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ea5c403b3e
2025-07-23 00:57:56.630601+00:00
--------------------------------------------------------------------------------

Name : transfig
Product : Fedora 42
Version : 3.2.9a^20250619.ee3f4d8
Release : 2.fc42
URL : https://sourceforge.net/projects/mcj/
Summary : Utility for converting FIG files (made by xfig) to other formats
Description :
The transfig utility creates a makefile which translates FIG (created by xfig)
or PIC figures into a specified LaTeX graphics language (for example,
PostScript(TM)). Transfig is used to create TeX documents which are portable
(i.e., they can be printed in a wide variety of environments).

Install transfig if you need a utility for translating FIG or PIC figures into
certain graphics languages.

--------------------------------------------------------------------------------
Update Information:

Add smoke tests
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul 14 2025 Marian Koncek [mkoncek@redhat.com] - 1:3.2.9a^20250619.ee3f4d8-2
- Add smoke tests
* Thu Jun 19 2025 Marian Koncek [mkoncek@redhat.com] - 1:3.2.9a^20250619.ee3f4d8-1
- Update to latest upstream snapshot
ee3f4d841d1ba7d5b1b57544c5068822ca92b1af
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373187 - CVE-2025-46399 transfig: Fig2dev Segmentation Fault Vulnerability [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373187
[ 2 ] Bug #2373193 - CVE-2025-46400 transfig: fig2dev segmentation fault in read_arcobject [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373193
[ 3 ] Bug #2373196 - CVE-2025-46398 transfig: fig2dev stack-overflow via read_objects [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373196
[ 4 ] Bug #2373198 - CVE-2025-46397 transfig: fig2dev stack-overflow [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373198
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ea5c403b3e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--