-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2025-96049efbd2 2025-10-07 00:27:29.121060+00:00 --------------------------------------------------------------------------------
Name : chromium Product : Fedora EPEL 10.2 Version : 141.0.7390.54 Release : 1.el10_2 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel information leakage in Storage * Medium CVE-2025-11208: Inappropriate implementation in Media * Medium CVE-2025-11209: Inappropriate implementation in Omnibox * Medium CVE-2025-11210: Side-channel information leakage in Tab * Medium CVE-2025-11211: Out of bounds read in Media * Medium CVE-2025-11212: Inappropriate implementation in Media * Medium CVE-2025-11213: Inappropriate implementation in Omnibox * Medium CVE-2025-11215: Off by one error in V8 * Low CVE-2025-11216: Inappropriate implementation in Storage * Low CVE-2025-11219: Use after free in V8 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 2 2025 Than Ngo <[email protected]> - 141.0.7390.54-1 - Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel information leakage in Storage * Medium CVE-2025-11208: Inappropriate implementation in Media * Medium CVE-2025-11209: Inappropriate implementation in Omnibox * Medium CVE-2025-11210: Side-channel information leakage in Tab * Medium CVE-2025-11211: Out of bounds read in Media * Medium CVE-2025-11212: Inappropriate implementation in Media * Medium CVE-2025-11213: Inappropriate implementation in Omnibox * Medium CVE-2025-11215: Off by one error in V8 * Low CVE-2025-11216: Inappropriate implementation in Storage * Low CVE-2025-11219: Use after free in V8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2381730 - DebugInfo packages aren't being produced. https://bugzilla.redhat.com/show_bug.cgi?id=2381730 [ 2 ] Bug #2400095 - Update chromium-141.0.7390.54 major release [fedora-all, epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2400095 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update chromium' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\ /html/System_Administrators_Guide/ch-yum.html All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ epel-package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
