Fedora Security Advisories

FEDORA-2025-0b264b890c Packages in this update:

• chromium-140.0.7339.207-1.fc41

Update description:

Update to 140.0.7339.207

* CVE-2025-10890: Side-channel information leakage in V8 * CVE-2025-10891: Integer overflow in V8 * CVE-2025-10892: Integer overflow in V8

FEDORA-2025-6d1ba4a93e Packages in this update:

• chromium-140.0.7339.207-1.fc42

Update description:

Update to 140.0.7339.207

* CVE-2025-10890: Side-channel information leakage in V8 * CVE-2025-10891: Integer overflow in V8 * CVE-2025-10892: Integer overflow in V8

FEDORA-2025-c161defb4d Packages in this update:

• chromium-140.0.7339.207-1.fc43

Update description:

Update to 140.0.7339.207

* CVE-2025-10890: Side-channel information leakage in V8 * CVE-2025-10891: Integer overflow in V8 * CVE-2025-10892: Integer overflow in V8

FEDORA-EPEL-2025-ccbb79f04d Packages in this update:

• firebird-4.0.6.3221-1.1.el9

Update description:

4.0.6.3221

FEDORA-EPEL-2025-b68bd8369e Packages in this update:

• firebird-4.0.6.3221-1.1.el8

Update description:

4.0.6.3221

FEDORA-2025-10462d0b3e Packages in this update:

• firebird-4.0.6.3221-1.fc43

Update description:

4.0.6.3221

FEDORA-2025-2d3009f39f Packages in this update:

• firebird-4.0.6.3221-1.fc41

Update description:

4.0.6.3221

FEDORA-2025-d24499a627 Packages in this update:

• firebird-4.0.6.3221-1.fc42

Update description:

4.0.6.3221

FEDORA-EPEL-2025-14fc89bc9b Packages in this update:

• mupdf-1.25.4-3.el10_1

Update description:

fix rhbz#2397700

FEDORA-2025-4651fb3c55 Packages in this update:

• mupdf-1.25.4-3.fc41

Update description:

fix rhbz#2397702

FEDORA-EPEL-2025-c693c72050 Packages in this update:

• mupdf-1.25.4-3.el10_2

Update description:

fix rhbz#2397700

FEDORA-2025-562364d434 Packages in this update:

• mupdf-1.26.3-4.fc42

Update description:

fix rhbz#2397703

FEDORA-2025-f2bfde9326 Packages in this update:

• webkitgtk-2.50.0-2.fc41

Update description:

Update to 2.50.0:

• Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads.
• Enable damage propagation to the UI process by default.
• CSS property font-variant-emoji is now enabled by default.
• Font synthesis properties (bold/italic) are now properly handled.
• Ensure web view is focused on tap gesture.
• Added new API to get the theme color of a WebKitWebView.
• Fix CVE-2025-43272, CVE-2025-43342, CVE-2025-43356, CVE-2025-43368

FEDORA-2025-bc6408ea0e Packages in this update:

• libtiff-4.7.0-9.fc44

Update description:

Automatic update for libtiff-4.7.0-9.fc44.

Changelog * Wed Sep 24 2025 Michal Hlavinka <mhlavink@redhat.com> - 4.7.0-9 - fix CVE-2025-8961 memory corruption in tiffcrop(rhbz#2388596)

FEDORA-EPEL-2025-04455338f9 Packages in this update:

• rust-astral-tokio-tar-0.5.5-1.el10_0
• rust-flate2-1.1.2-1.el10_0
• rust-rustls-0.23.23-2.el10_0
• uv-0.6.17-2.el10_0

Update description:

Security update for path traversal CVE-2025-59825 / GHSA-3wgq-wrwc-vqmv.

FEDORA-EPEL-2025-9b9bfff5fa Packages in this update:

• rust-astral-tokio-tar-0.5.5-1.el10_1
• uv-0.8.11-4.el10_1

Update description:

Security update for path traversal CVE-2025-59825 / GHSA-3wgq-wrwc-vqmv.

FEDORA-EPEL-2025-37d065cdf4 Packages in this update:

• rust-astral-tokio-tar-0.5.5-1.el10_2
• uv-0.8.11-4.el10_2

Update description:

Security update for path traversal CVE-2025-59825 / GHSA-3wgq-wrwc-vqmv.

FEDORA-2025-414364f69d Packages in this update:

• rust-astral-tokio-tar-0.5.5-1.fc41
• uv-0.8.11-4.fc41

Update description:

Security update for path traversal CVE-2025-59825 / GHSA-3wgq-wrwc-vqmv.

FEDORA-2025-5e50082948 Packages in this update:

• rust-astral-tokio-tar-0.5.5-1.fc42
• uv-0.8.11-4.fc42

Update description:

Security update for path traversal CVE-2025-59825 / GHSA-3wgq-wrwc-vqmv.

FEDORA-2025-b3cc3be834 Packages in this update:

• rust-astral-tokio-tar-0.5.5-1.fc43
• uv-0.8.11-4.fc43

Update description:

Security update for path traversal CVE-2025-59825 / GHSA-3wgq-wrwc-vqmv.

Rebuilt for Python 3.14.0rc3 bytecode change