Apply fix for CVE-2025-9300
Comment
Archive for Fedora Linux Distribution – Security Advisories
2762 results.
Apply fix for CVE-2025-9300
Update to release v0.27.0 Resolves: rhvz#2388453, rhbz#2384137, rhbz#2384154 Upstream new features and fixes
Exiv2 0.28.6 + patch to fix silent abi breakage Exiv2 v0.28.6 (Fixes two low severity CVEs)
Update to 139.0.7258.154 CVE-2025-9478: Use after free in ANGLE
CVE-2025-8067 Out-Of-Bounds Read in UDisks Daemon
CVE-2025-8010: Type Confusion in V8 CVE-2025-8011: Type Confusion in V8 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementation in Gemini Live in Chrome
Update to release v0.27.0 Resolves: rhvz#2388453, rhbz#2384137, rhbz#2384154 Upstream new features and fixes
Remove prebuild libffts.a library
Update to 139.0.7258.154 CVE-2025-9478: Use after free in ANGLE
Update to latest upstream (142.0.1) Updated to new upstream release (142.0)
Updated to 139.0.7258.138 CVE-2025-9132: Out of bounds write in V8
Rebase to new version resolves CVE-2025-31492
Update to upstream version 0.2.8 Update idna dependency to a version not affected by CVE-2024-12224
fix CVE-2025-9165: memory leak in tiffcmp (rhbz#2389608)
fix CVE-2025-8534: null pointer dereference in tiff2ps (rhbz#2386494) fix CVE-2024-13978: null pointer dereference in tiff2pdf (rhbz#2386201)
Updated to 139.0.7258.138 CVE-2025-9132: Out of bounds write in V8
Python 3.13.7 is the seventh maintenance release of 3.13. 3.13.7 is an expedited release to fix a significant issue with the 3.13.6 release: gh-137583: Regression in ssl module between 3.13.5 and 3.13.6: reading from a TLS-encrypted connection blocks
Python 3.13.7 is the seventh maintenance release of 3.13. 3.13.7 is an expedited release to fix a significant issue with the 3.13.6 release: gh-137583: Regression in ssl module between 3.13.5 and 3.13.6: reading from a TLS-encrypted connection blocks
Security fixes Bumped the minimum github.com/go-viper/mapstructure/v2 version to 2.3.0 for GHSA-fv92-fjc5-jj9h or GO-2025-3787 Bumped the minimum github.com/NVIDIA/nvidia-container-toolkit version to 1.17.8 for CVE-2025-23266 and CVE-2025-23267
Update to release v1.31.12 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fix
Update to release v1.32.7 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes
Update to 1.67.0 Update to 1.66.0
Update to release v1.32.7 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes
Update to release v1.33.4 Resolves: rhbz#2388412 Fixes CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes
Update to release v1.31.12 Resolves: rhbz#2388412 Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fix
Update to v1.136.0 Update to 1.135.2 Update to 1.135.0
Update to version 0.4.11. This version includes a fix for CVE-2025-55159, but there are zero packages in Fedora or EPEL that use the affected API, so no rebuilds are necessary.
CVE-2025-53537: HIGH CVE-2025-53538: HIGH
Security fix for CVE-2025-8194