Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

CVE-2025-58185 Advisory: Important Fedora 43 Chroma Package Update

fedora
Calendar Grey December 30, 2025
Dist Fedora Esm H88
Fedora 43 users need to upgrade golang-github-alecthomas-chroma-2 for CVE-2025-58185 to ensure system safety and integrity.
Rebuilt for CVE-2025-58185

Summary

A general purpose syntax highlighter in pure Go.

Update Information:

Rebuilt for CVE-2025-58185

Change Log

* Sun Dec 21 2025 W. Michael Petullo - 2.14.0-6 - Rebuilt for CVE-2025-58185

References


[ 1 ] Bug #2408184 - CVE-2025-58189 golang-github-alecthomas-chroma-2: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408184

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-cfdd59f20f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: golang-github-alecthomas-chroma-2
Product: Fedora 43
Version: 2.14.0
Release: 6.fc43
Summary: A general purpose syntax highlighter in pure Go

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here