Explore top 10 tips to secure your open-source projects now. Read More
×Glow is a terminal based markdown reader designed from the ground up to bring
out the beauty\u2014and power\u2014of the CLI. Use it to discover markdown files, read
documentation directly on the command line. Glow will find local markdown
files in subdirectories or a local Git repository.
Update Information:
Update to version 2.1.2. This also updates some of the vendored dependencies to fix CVEs, as well as building with the latest golang to fix even more CVEs.
* Wed Apr 22 2026 Carl George
[ 1 ] Bug #2408174 - CVE-2025-58189 glow: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408174
[ 2 ] Bug #2409644 - CVE-2025-61723 glow: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2409644
[ 3 ] Bug #2410595 - CVE-2025-58185 glow: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2410595
[ 4 ] Bug #2411493 - CVE-2025-58188 glow: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2411493
[ 5 ] Bug #2457076 - glow-2.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2457076
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6d67b00ef1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.