Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 42: FEDORA-2025-e788608959 critical: yelp-xsl file access issue

fedora
Calendar Grey May 21, 2025
Dist Fedora Esm H88
Yelp-xsl has been upgraded to resolve CVE-2025-3155, implementing a solution for vulnerabilities allowing unrestricted file access.
Fix CVE-2025-3155 - arbitrary file-read.

Summary

This package contains XSL stylesheets that are used by the yelp help browser.

Update Information:

Fix CVE-2025-3155 - arbitrary file-read.

Topics%20covered

Topics Covered

security advisory Fedora update notification arbitrary access yelp-xsl file-read

Change Log

* Thu May 15 2025 Jan Grulich - 42.1-7 - Fix CVE-2025-3155 - arbitrary file-read

References


[ 1 ] Bug #2357092 - CVE-2025-3155 yelp: Arbitrary file read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2357092 [ 2 ] Bug #2366258 - yelp-42.2-9.fc42 breaks rendering https://bugzilla.redhat.com/show_bug.cgi?id=2366258

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e788608959' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: yelp-xsl
Product: Fedora 42
Version: 42.1
Release: 7.fc42
URL: https://download.gnome.org/sources/yelp-xsl
Summary: XSL stylesheets for the yelp help browser

Topics%20covered

Topics Covered

security advisory Fedora update notification arbitrary access yelp-xsl file-read

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here