Mbed TLS, Chromium, Python updates for Fedora 42

Fedora Linux 9174 Published by

Fedora 42 has received updates for several packages to address security vulnerabilities. The Mbed TLS package has been updated to version 3.6.5, fixing an unspecified issue. Additionally, Chromium has been updated to version 141.0.7390.107 to address a use-after-free vulnerability (CVE-2025-11756) in Safe Browsing. Furthermore, the python3.12 package has been updated to version 3.12.12 to address three security vulnerabilities: CVE-2025-6069, CVE-2025-8194, and CVE-2025-8291.

Fedora 42 Update: mbedtls-3.6.5-1.fc42
Fedora 42 Update: chromium-141.0.7390.107-1.fc42
Fedora 42 Update: python3.12-3.12.12-1.fc42




[SECURITY] Fedora 42 Update: mbedtls-3.6.5-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-7c8f6f12d1
2025-10-20 01:02:41.511811+00:00
--------------------------------------------------------------------------------

Name : mbedtls
Product : Fedora 42
Version : 3.6.5
Release : 1.fc42
URL : https://www.trustedfirmware.org/projects/mbed-tls
Summary : Light-weight cryptographic and SSL/TLS library
Description :
Mbed TLS is a light-weight open source cryptographic and SSL/TLS
library written in C. Mbed TLS makes it easy for developers to include
cryptographic and SSL/TLS capabilities in their (embedded)
applications with as little hassle as possible.

--------------------------------------------------------------------------------
Update Information:

Update to 3.6.5
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.5
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 16 2025 Morten Stevens [mstevens@fedoraproject.org] - 3.6.5-1
- Update to 3.6.5
* Thu Jul 24 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.6.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-7c8f6f12d1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: chromium-141.0.7390.107-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-008cb0e5fe
2025-10-20 01:02:41.511816+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 42
Version : 141.0.7390.107
Release : 1.fc42
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update 141.0.7390.107
* High CVE-2025-11756: Use after free in Safe Browsing
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 15 2025 Than Ngo [than@redhat.com] - 141.0.7390.107-1
- Update 141.0.7390.107
* High CVE-2025-11756: Use after free in Safe Browsing
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2403507 - CVE-2025-11756 - Update chromium to 141.0.7390.107 [fedora-all, epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2403507
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-008cb0e5fe' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 42 Update: python3.12-3.12.12-1.fc42


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-489e2f5272
2025-10-20 01:02:41.511793+00:00
--------------------------------------------------------------------------------

Name : python3.12
Product : Fedora 42
Version : 3.12.12
Release : 1.fc42
URL : https://www.python.org/
Summary : Version 3.12 of the Python interpreter
Description :
Python 3.12 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.12 package provides the "python3.12" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.12-libs package,
which should be installed automatically along with python3.12.
The remaining parts of the Python standard library are broken out into the
python3.12-tkinter and python3.12-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.12-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.12-" prefix.

--------------------------------------------------------------------------------
Update Information:

Update to 3.12.12
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 10 2025 Karolina Surma [ksurma@redhat.com] - 3.12.12-1
- Update to 3.12.12
* Fri Jul 25 2025 Fedora Release Engineering [releng@fedoraproject.org] - 3.12.11-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2373249 - CVE-2025-6069 python3.12: Python HTMLParser quadratic complexity [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2373249
[ 2 ] Bug #2384077 - CVE-2025-8194 python3.12: Cpython infinite loop when parsing a tarfile [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2384077
[ 3 ] Bug #2402873 - CVE-2025-8291 python3.12: Python zipfile End of Central Directory (EOCD) Locator record offset not checked [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2402873
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-489e2f5272' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--


PikaOS 25.10.14 released

Kernel and Kernel-RT updates for RHEL

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...