
Fedora 41 Major Update: Security Advisory 2025-c858874183 Critical Overflow

fedora
March 9, 2025
News from Fedora 41 regarding a serious buffer over-read vulnerability within the qt6-qtwebengine modules. A fix is now available.

Summary

Qt6 - QtWebEngine components.

Update Information:

Unbundle libxml2.

Change Log

* Tue Mar 4 2025 Jan Grulich - 6.8.2-4
- Unbundle libxml and libxslt

* Mon Mar 3 2025 Jan Grulich - 6.8.2-3
- Rework OpenH264 support following Chromium package
- Backport upstream change for ffmpeg codec selection issues.

* Mon Feb 17 2025 Jan Grulich - 6.8.2-2
- Bump build for ppc64le enablement

References


[1] Bug #2280538 - CVE-2024-34459 qt6-qtwebengine: libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c [fedora-all]
    https://bugzilla.redhat.com/show_bug.cgi?id=2280538

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c858874183' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
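
After applying the update, a host can be checked against the fixed build listed in this advisory. The script below is an added example, not part of the Fedora advisory; the function names are hypothetical, and it assumes GNU sort -V is an acceptable stand-in for rpm's own version comparison for plain numeric version-release strings.

```bash
#!/usr/bin/env bash
# Added example: is an installed qt6-qtwebengine build at or past the
# build this advisory ships (Version 6.8.2, Release 4.fc41)?
FIXED="6.8.2-4.fc41"

# vr_at_least INSTALLED FIXED: succeeds when INSTALLED >= FIXED.
# Assumption: GNU `sort -V` stands in for rpm's own comparison. It agrees
# for plain numeric version-release strings like the ones here, but it
# does not implement rpm epochs or '~' / '^' ordering.
vr_at_least() {
    local lowest
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# classify VERSION-RELEASE: prints "patched" or "needs-update".
classify() {
    if vr_at_least "$1" "$FIXED"; then
        echo "patched"
    else
        echo "needs-update"
    fi
}

# check_host: classify every installed qt6-qtwebengine build
# (rpm prints one line per installed architecture).
check_host() {
    local out vr
    if ! out=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' qt6-qtwebengine 2>/dev/null); then
        echo "qt6-qtwebengine: not installed"
        return 0
    fi
    printf '%s\n' "$out" | while read -r vr; do
        echo "qt6-qtwebengine-$vr: $(classify "$vr")"
    done
}

# Query the local rpm database only when asked to: ./check.sh --host
if [ "${1:-}" = "--host" ]; then
    check_host
fi
```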

Severity
critical

Name: qt6-qtwebengine
Product: Fedora 41
Version: 6.8.2
Release: 4.fc41
Summary: Qt6 - QtWebEngine components
