Fedora 42: vgrep Critical CVE-2025-47906 Security Patch Advisory
fedora
November 1, 2025
Rebuild for CVE-2025-47906
Summary
vgrep is a pager for grep, git-grep, ripgrep and similar grep implementations,
and allows for opening the indexed file locations in a user-specified editor
such as vim or emacs. vgrep is inspired by the ancient cgvg scripts but
extended to perform further operations such as listing statistics of files and
directory trees or showing the context lines before and after the matches.
Update Information:
Rebuild for CVE-2025-47906. https://pkg.go.dev/vuln/GO-2025-3956
Topics Covered
Change Log
* Thu Oct 23 2025 Carl George
References
[ 1 ] Bug #2399579 - CVE-2025-47906 vgrep: Unexpected paths returned from LookPath in os/exec [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2399579
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6738ea943a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: vgrep
Product: Fedora 42
Version: 2.8.0
Release: 4.fc42
Summary: User-friendly pager for grep
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!