Fedora 42: perl-Alien-Brotli Faces Critical Denial-of-Service Risk
fedora
December 18, 2025
Update brotli to 1.2.0
Summary
This distribution installs the brotli compressor, so that it can be used by
other distributions, and provides a way to find the executable.
Update Information:
Update brotli to 1.2.0. This update provides the necessary Python APIs in python3-brotli to fix denial- of-service security issues related to \u201cdecompression bombs,\u201d such as CVE-2025-66471 or CVE-2025-6176, but actually fixing them would require separate updates in affected packages.
Change Log
* Wed Dec 10 2025 Miro Hron\u010dok
References
[ 1 ] Bug #2419491 - CVE-2025-6176 brotli: Brotli decompression bomb DoS in scrapy/scrapy [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2419491
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-9e233a4e22' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Name: perl-Alien-Brotli
Product: Fedora 42
Version: 0.2.2
Release: 11.fc42
Summary: Find and install the Brotli compressor
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!