Fedora Linux has recently rolled out a series of security updates for various packages, addressing vulnerabilities and enhancing functionality. These updates include critical software such as toolbox, clash-meta, chromium, mingw-python3, php-adodb, and openjpeg.
- Clash-Meta (Fedora 42): Upgraded to version 1.19.12, this network proxy tool has implemented systemd sandboxing features to mitigate remote code execution risks.
- Chromium (Fedora 41): The browser received an update to version 139.0.7258.66, patching several critical vulnerabilities including use-after-free errors and inappropriate implementations across various functionalities.
- Mingw-Python3 (Fedora 41 and 42): Both versions have been backported with a fix for CVE-2025-8194, which involves a potential infinite loop when parsing tar files.
- Php-Adodb (Fedora 41 and 42): This database abstraction library has been updated to version 5.22.10 to address an SQL injection vulnerability.
- Openjpeg (Fedora 42): Updated to version 2.5.3, this library's update addresses an out-of-bounds heap memory write vulnerability.
Key Updates:
- Toolbox (Fedora 42): Updated to version 0.2, it includes security fixes addressing vulnerabilities related to Go modules and NVIDIA container toolkit. Additionally, it improves error handling and restores access to CA certificates in SSH sessions.- Clash-Meta (Fedora 42): Upgraded to version 1.19.12, this network proxy tool has implemented systemd sandboxing features to mitigate remote code execution risks.
- Chromium (Fedora 41): The browser received an update to version 139.0.7258.66, patching several critical vulnerabilities including use-after-free errors and inappropriate implementations across various functionalities.
- Mingw-Python3 (Fedora 41 and 42): Both versions have been backported with a fix for CVE-2025-8194, which involves a potential infinite loop when parsing tar files.
- Php-Adodb (Fedora 41 and 42): This database abstraction library has been updated to version 5.22.10 to address an SQL injection vulnerability.
- Openjpeg (Fedora 42): Updated to version 2.5.3, this library's update addresses an out-of-bounds heap memory write vulnerability.
Installation Instructions:
Users are encouraged to install these updates using the `dnf` package manager, which can be done by executing the command:bashsu -c 'dnf upgrade --advisory [ADVISORY_CODE]'where `[ADVISORY_CODE]` corresponds to each specific update notification.
Additional Notes:
All packages are signed with the Fedora Project GPG key, ensuring authenticity and integrity. For further details on the GPG keys or the updates themselves, users can refer to the Fedora Project's official documentation.Future Considerations:
As cybersecurity threats continue to evolve, it is crucial for users to remain vigilant and keep their systems updated. Regularly reviewing update notifications and applying patches promptly can help mitigate vulnerabilities and enhance overall system security. Additionally, developers and contributors to Fedora should continue to prioritize security in their updates and patches to maintain a secure ecosystem for all usersToolbox, Clash-Meta, Chromium, and more updates for Fedora
Fedora Linux has received several security updates, including toolbox, clash-meta, chromium, mingw-python3, php-adodb and openjpeg:
Fedora 42 Update: toolbox-0.2-1.fc42
Fedora 42 Update: clash-meta-1.19.12-1.fc42
Fedora 41 Update: chromium-139.0.7258.66-1.fc41
Fedora 41 Update: mingw-python3-3.11.13-4.fc41
Fedora 41 Update: php-adodb-5.22.10-1.fc41
Fedora 42 Update: openjpeg-2.5.3-8.fc42
Fedora 42 Update: mingw-python3-3.11.13-4.fc42
Fedora 42 Update: php-adodb-5.22.10-1.fc42Toolbox, Clash-Meta, Chromium, and more updates for Fedora @ Linux Compatible
