Fedora 40 Update: giflib-5.2.2-6.fc40
Fedora 42 Update: firefox-138.0-1.fc42
Fedora 42 Update: thunderbird-128.9.2-1.fc42
[SECURITY] Fedora 40 Update: giflib-5.2.2-6.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-7d0fc65561
2025-05-01 02:16:23.454617+00:00
--------------------------------------------------------------------------------
Name : giflib
Product : Fedora 40
Version : 5.2.2
Release : 6.fc40
URL : http://www.sourceforge.net/projects/giflib/
Summary : A library and utilities for processing GIFs
Description :
giflib is a library for reading and writing gif images.
--------------------------------------------------------------------------------
Update Information:
Backport proposed fix for CVE-2025-31344 from OpenMandriva.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 15 2025 Sandro Mani [manisandro@gmail.com] - 5.2.2-6
- Add proposed patch for CVE-2025-31334
* Wed Apr 2 2025 Benson Muite [fed500@fedoraproject.org] - 5.2.2-5
- Rename getarg.h to gif_getarg.h
* Wed Apr 2 2025 Benson Muite [fed500@fedoraproject.org] - 5.2.2-4
- Install getarg.h header file
* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 5.2.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2359431 - CVE-2025-31344 giflib: The giflib open-source component has a buffer overflow vulnerability [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2359431
[ 2 ] Bug #2359442 - CVE-2025-31344 giflib: The giflib open-source component has a buffer overflow vulnerability [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2359442
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-7d0fc65561' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: firefox-138.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-908a30fd98
2025-05-01 02:05:20.605259+00:00
--------------------------------------------------------------------------------
Name : firefox
Product : Fedora 42
Version : 138.0
Release : 1.fc42
URL : https://www.mozilla.org/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream (138.0)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 26 2025 Bojan Smojver [bojan@rexursive.com] - 138.0-1
- Add fix for mzbz#1957628
- Remove browser/features/*.xpi files, no longer shipped
* Tue Apr 22 2025 Martin Stransky [stransky@redhat.com] - 138.0-1
- Updated to 138.0
* Tue Apr 22 2025 Martin Stransky [stransky@redhat.com] - 137.0.2-3
- Added fix for rhbz#2358565
* Wed Apr 16 2025 Martin Stransky [stransky@redhat.com] - 137.0.2-2
- Added fix for mzbz#1951249
* Wed Apr 16 2025 Martin Stransky [stransky@redhat.com] - 137.0.2-1
- Update 137.0.2
* Mon Apr 14 2025 Martin Stransky [stransky@redhat.com] - 137.0.1-1
- Update 137.0.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-908a30fd98' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: thunderbird-128.9.2-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-013f8d6631
2025-05-01 02:05:20.605230+00:00
--------------------------------------------------------------------------------
Name : thunderbird
Product : Fedora 42
Version : 128.9.2
Release : 1.fc42
URL : http://www.mozilla.org/projects/thunderbird/
Summary : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.
--------------------------------------------------------------------------------
Update Information:
Update to 128.9.2
https://www.thunderbird.net/en-US/thunderbird/128.9.0esr/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/128.9.1esr/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/128.9.2esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-24/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-27/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 17 2025 Eike Rathke [erack@redhat.com] - 128.9.2-1
- Update to 128.9.2
* Wed Apr 2 2025 Eike Rathke [erack@redhat.com] - 128.9.0-1
- Update to 128.9.0
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-013f8d6631' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
