-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6e0627440a 2025-12-25 00:52:05.391393+00:00 --------------------------------------------------------------------------------
Name : retroarch Product : Fedora 43 Version : 1.22.0 Release : 1.fc43 URL : https://www.libretro.com/ Summary : Cross-platform, sophisticated frontend for the libretro API. Description : libretro is an API that exposes generic audio/video/input callbacks. A frontend for libretro (such as RetroArch) handles video output, audio output, input and application lifecycle. A libretro core written in portable C or C++ can run seamlessly on many platforms with very little to no porting effort. While RetroArch is the reference frontend for libretro, several other projects have used the libretro interface to include support for emulators and/or game engines. libretro is completely open and free for anyone to use. For how to download and install more libretro cores please read included README.fedora.md file. -------------------------------------------------------------------------------- Update Information: Update to 1.22.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 18 2025 Artem Polishchuk <[email protected]> - 1.22.0-1 - Update to 1.22.0 * Thu Nov 6 2025 Dominik 'Rathann' Mierzejewski <[email protected]> - 1.19.0-15 - Fixed build with FFmpeg 8 * Wed Oct 15 2025 Dominik 'Rathann' Mierzejewski <[email protected]> - 1.19.0-14 - Rebuilt for FFmpeg 8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2290413 - retroarch-1.22.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2290413 [ 2 ] Bug #2381834 - CVE-2025-53817 retroarch: 7-Zip Null pointer array write [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2381834 [ 3 ] Bug #2381837 - CVE-2025-53816 retroarch: 7-Zip heap buffer overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2381837 [ 4 ] Bug #2387650 - CVE-2025-55188 retroarch: 7-Zip Symbolic Link Extraction Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2387650 [ 5 ] Bug #2389431 - CVE-2025-9136 retroarch: libretro RetroArch file_stream.c filestream_vscanf out-of-bounds [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2389431 [ 6 ] Bug #2415383 - Broken AppStream metadata https://bugzilla.redhat.com/show_bug.cgi?id=2415383 [ 7 ] Bug #2418241 - CVE-2025-11001 retroarch: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2418241 [ 8 ] Bug #2418245 - CVE-2025-11001 retroarch: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2418245 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6e0627440a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
