CVE-2025-58185 Advisory: Important Fedora 43 Chroma Package Update
fedora
December 30, 2025
Rebuilt for CVE-2025-58185
Summary
A general purpose syntax highlighter in pure Go.
Update Information:
Rebuilt for CVE-2025-58185
Topics Covered
Change Log
* Sun Dec 21 2025 W. Michael Petullo
References
[ 1 ] Bug #2408184 - CVE-2025-58189 golang-github-alecthomas-chroma-2: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2408184
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-cfdd59f20f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: golang-github-alecthomas-chroma-2
Product: Fedora 43
Version: 2.14.0
Release: 6.fc43
Summary: A general purpose syntax highlighter in pure Go
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!