Fedora 41 glow 2.1.1 important: CVE-2025-22872 input issue
fedora
June 27, 2025
Update to version 2.1.1 for various bugfixes
Summary
Glow is a terminal based markdown reader designed from the ground up to bring
out the beautyâand powerâof the CLI. Use it to discover markdown files, read
documentation directly on the command line. Glow will find local markdown
files in subdirectories or a local Git repository.
Update Information:
Update to version 2.1.1 for various bugfixes. This also fixes CVE-2025-22872 in the bundled golang.org/x/net/html.
Topics Covered
Change Log
* Wed Jun 18 2025 Carl George
References
[ 1 ] Bug #2360594 - CVE-2025-22872 glow: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2360594 [ 2 ] Bug #2369460 - glow-2.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2369460
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-0f0b3d191c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Name: glow
Product: Fedora 41
Version: 2.1.1
Release: 1.fc41
Summary: Terminal based markdown reader
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!