Fedora 40 Update: chromium-135.0.7049.52-2.fc40
Fedora 40 Update: matrix-synapse-1.111.1-4.fc40
Fedora 40 Update: exim-4.98.2-1.fc40
Fedora 41 Update: chromium-135.0.7049.52-1.fc41
Fedora 41 Update: ghostscript-10.03.1-5.fc41
Fedora 41 Update: exim-4.98.2-1.fc41
Fedora 41 Update: varnish-7.5.0-3.fc41
[SECURITY] Fedora 40 Update: chromium-135.0.7049.52-2.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-609ed3aaa7
2025-04-05 01:55:52.755324+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 40
Version : 135.0.7049.52
Release : 2.fc40
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 135.0.7049.52
High CVE-2025-3066: Use after free in Navigations
Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs
Medium CVE-2025-3068: Inappropriate implementation in Intents
Medium CVE-2025-3069: Inappropriate implementation in Extensions
Medium CVE-2025-3070: Insufficient validation of untrusted input in Extensions
Low CVE-2025-3071: Inappropriate implementation in Navigations
Low CVE-2025-3072: Inappropriate implementation in Custom Tabs
Low CVE-2025-3073: Inappropriate implementation in Autofill
Low CVE-2025-3074: Inappropriate implementation in Downloads
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 2 2025 Jan Grulich [jgrulich@redhat.com] - 135.0.7049.52-2
- Add CFI suppressions for inline PipeWire functions
* Tue Apr 1 2025 Than Ngo [than@redhat.com] - 135.0.7049.52-1
- Update to 135.0.7049.52
* Fri Mar 28 2025 Than Ngo [than@redhat.com] - 135.0.7049.41-1
- Update to 135.0.7049.41
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2356787 - CVE-2025-3066 chromium: Use after free in Navigations [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356787
[ 2 ] Bug #2356788 - CVE-2025-3066 chromium: Use after free in Navigations [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356788
[ 3 ] Bug #2356789 - CVE-2025-3068 chromium: Inappropriate implementation in Intents [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356789
[ 4 ] Bug #2356790 - CVE-2025-3068 chromium: Inappropriate implementation in Intents [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356790
[ 5 ] Bug #2356792 - CVE-2025-3072 chromium: Inappropriate implementation in Custom Tabs [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356792
[ 6 ] Bug #2356793 - CVE-2025-3072 chromium: Inappropriate implementation in Custom Tabs [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356793
[ 7 ] Bug #2356794 - CVE-2025-3073 chromium: Inappropriate implementation in Autofill [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356794
[ 8 ] Bug #2356795 - CVE-2025-3073 chromium: Inappropriate implementation in Autofill [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356795
[ 9 ] Bug #2356796 - CVE-2025-3070 chromium: Insufficient validation of untrusted input in Extensions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356796
[ 10 ] Bug #2356797 - CVE-2025-3070 chromium: Insufficient validation of untrusted input in Extensions [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356797
[ 11 ] Bug #2356798 - CVE-2025-3069 chromium: Inappropriate implementation in Extensions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356798
[ 12 ] Bug #2356799 - CVE-2025-3069 chromium: Inappropriate implementation in Extensions [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356799
[ 13 ] Bug #2356800 - CVE-2025-3071 chromium: Inappropriate implementation in Navigations [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356800
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-609ed3aaa7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: matrix-synapse-1.111.1-4.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cef83410f7
2025-04-05 01:55:52.755312+00:00
--------------------------------------------------------------------------------
Name : matrix-synapse
Product : Fedora 40
Version : 1.111.1
Release : 4.fc40
URL : https://github.com/element-hq/synapse
Summary : A Matrix reference homeserver written in Python using Twisted
Description :
Matrix is an ambitious new ecosystem for open federated Instant Messaging and
VoIP. Synapse is a reference "homeserver" implementation of Matrix from the
core development team at matrix.org, written in Python/Twisted. It is intended
to showcase the concept of Matrix and let folks see the spec in the context of
a coded base and let you run your own homeserver and generally help bootstrap
the ecosystem.
--------------------------------------------------------------------------------
Update Information:
Backport fixes from v1.127.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 29 2025 Kai A. Hiller [V02460@gmail.com] - 1.111.1-4
- Backport fixes from v1.127.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cef83410f7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: exim-4.98.2-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3a56fe6159
2025-04-05 01:55:52.755204+00:00
--------------------------------------------------------------------------------
Name : exim
Product : Fedora 40
Version : 4.98.2
Release : 1.fc40
URL : https://www.exim.org/
Summary : The exim mail transfer agent
Description :
Exim is a message transfer agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet. It is
freely available under the terms of the GNU General Public Licence. In
style it is similar to Smail 3, but its facilities are more
general. There is a great deal of flexibility in the way mail can be
routed, and there are extensive facilities for checking incoming
mail. Exim can be installed in place of sendmail, although the
configuration of exim is quite different to that of sendmail.
--------------------------------------------------------------------------------
Update Information:
This is an update fixing CVE-2025-30232.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 26 2025 Jaroslav Škarvada [jskarvad@redhat.com] - 4.98.2-1
- New version
Resolves: CVE 2025-30232
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2355643 - CVE-2025-30232 exim: privilege escalation via use-after-free [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2355643
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3a56fe6159' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: chromium-135.0.7049.52-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-98dd4c4639
2025-04-05 01:25:14.172425+00:00
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 41
Version : 135.0.7049.52
Release : 1.fc41
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 135.0.7049.52
High CVE-2025-3066: Use after free in Navigations
Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs
Medium CVE-2025-3068: Inappropriate implementation in Intents
Medium CVE-2025-3069: Inappropriate implementation in Extensions
Medium CVE-2025-3070: Insufficient validation of untrusted input in Extensions
Low CVE-2025-3071: Inappropriate implementation in Navigations
Low CVE-2025-3072: Inappropriate implementation in Custom Tabs
Low CVE-2025-3073: Inappropriate implementation in Autofill
Low CVE-2025-3074: Inappropriate implementation in Downloads
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 1 2025 Than Ngo [than@redhat.com] - 135.0.7049.52-1
- Update to 135.0.7049.52
* Fri Mar 28 2025 Than Ngo [than@redhat.com] - 135.0.7049.41-1
- Update to 135.0.7049.41
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2356787 - CVE-2025-3066 chromium: Use after free in Navigations [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356787
[ 2 ] Bug #2356788 - CVE-2025-3066 chromium: Use after free in Navigations [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356788
[ 3 ] Bug #2356789 - CVE-2025-3068 chromium: Inappropriate implementation in Intents [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356789
[ 4 ] Bug #2356790 - CVE-2025-3068 chromium: Inappropriate implementation in Intents [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356790
[ 5 ] Bug #2356792 - CVE-2025-3072 chromium: Inappropriate implementation in Custom Tabs [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356792
[ 6 ] Bug #2356793 - CVE-2025-3072 chromium: Inappropriate implementation in Custom Tabs [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356793
[ 7 ] Bug #2356794 - CVE-2025-3073 chromium: Inappropriate implementation in Autofill [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356794
[ 8 ] Bug #2356795 - CVE-2025-3073 chromium: Inappropriate implementation in Autofill [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356795
[ 9 ] Bug #2356796 - CVE-2025-3070 chromium: Insufficient validation of untrusted input in Extensions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356796
[ 10 ] Bug #2356797 - CVE-2025-3070 chromium: Insufficient validation of untrusted input in Extensions [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356797
[ 11 ] Bug #2356798 - CVE-2025-3069 chromium: Inappropriate implementation in Extensions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356798
[ 12 ] Bug #2356799 - CVE-2025-3069 chromium: Inappropriate implementation in Extensions [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356799
[ 13 ] Bug #2356800 - CVE-2025-3071 chromium: Inappropriate implementation in Navigations [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2356800
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-98dd4c4639' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: ghostscript-10.03.1-5.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-47818d27ba
2025-04-05 01:25:14.172419+00:00
--------------------------------------------------------------------------------
Name : ghostscript
Product : Fedora 41
Version : 10.03.1
Release : 5.fc41
URL : https://ghostscript.com/
Summary : Interpreter for PostScript language & PDF
Description :
This package provides useful conversion utilities based on Ghostscript software,
for converting PS, PDF and other document formats between each other.
Ghostscript is a suite of software providing an interpreter for Adobe Systems'
PostScript (PS) and Portable Document Format (PDF) page description languages.
Its primary purpose includes displaying (rasterization & rendering) and printing
of document pages, as well as conversions between different document formats.
--------------------------------------------------------------------------------
Update Information:
CVE-2025-27835 ghostscript: Buffer overflow when converting glyphs to unicode
(fedora#2355026)
CVE-2025-27834 ghostscript: Buffer overflow caused by an oversized Type 4
function in a PDF (fedora#2355024)
CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow
(fedora#2355022)
CVE-2025-27836 ghostscript: device: Print buffer overflow (fedora#2355020)
CVE-2025-27830 ghostscript: Buffer overflow during serialization of DollarBlend
in font (fedora#2355016)
CVE-2025-27833 ghostscript: Buffer overflow with long TTF font name
(fedora#2355012)
CVE-2025-27837 ghostscript: Access to arbitrary files through truncated path
with invalid UTF-8 (fedora#2355010)
CVE-2025-27831 ghostscript: Text buffer overflow with long characters
(fedora#2355008)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 28 2025 Zdenek Dohnal [zdohnal@redhat.com] - 10.03.1-5
- CVE-2025-27835 ghostscript: Buffer overflow when converting glyphs to unicode (fedora#2355026)
- CVE-2025-27834 ghostscript: Buffer overflow caused by an oversized Type 4 function in a PDF (fedora#2355024)
- CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow (fedora#2355022)
- CVE-2025-27836 ghostscript: device: Print buffer overflow (fedora#2355020)
- CVE-2025-27830 ghostscript: Buffer overflow during serialization of DollarBlend in font (fedora#2355016)
- CVE-2025-27833 ghostscript: Buffer overflow with long TTF font name (fedora#2355012)
- CVE-2025-27837 ghostscript: Access to arbitrary files through truncated path with invalid UTF-8 (fedora#2355010)
- CVE-2025-27831 ghostscript: Text buffer overflow with long characters (fedora#2355008)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2354947 - CVE-2025-27835 Ghostscript: Buffer overflow when converting glyphs to unicode
https://bugzilla.redhat.com/show_bug.cgi?id=2354947
[ 2 ] Bug #2354948 - CVE-2025-27834 Ghostscript: Buffer overflow caused by an oversized Type 4 function in a PDF
https://bugzilla.redhat.com/show_bug.cgi?id=2354948
[ 3 ] Bug #2354949 - CVE-2025-27832 Ghostscript: NPDL device: Compression buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2354949
[ 4 ] Bug #2354952 - CVE-2025-27836 Ghostscript: device: Print buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2354952
[ 5 ] Bug #2354953 - CVE-2025-27830 Ghostscript: Buffer overflow during serialization of DollarBlend in font
https://bugzilla.redhat.com/show_bug.cgi?id=2354953
[ 6 ] Bug #2354954 - CVE-2025-27833 Ghostscript: Buffer overflow with long TTF font name
https://bugzilla.redhat.com/show_bug.cgi?id=2354954
[ 7 ] Bug #2354961 - CVE-2025-27837 Ghostscript: Access to arbitrary files through truncated path with invalid UTF-8
https://bugzilla.redhat.com/show_bug.cgi?id=2354961
[ 8 ] Bug #2354963 - CVE-2025-27831 Ghostscript: Text buffer overflow with long characters
https://bugzilla.redhat.com/show_bug.cgi?id=2354963
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-47818d27ba' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: exim-4.98.2-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ab7148736c
2025-04-05 01:25:14.172330+00:00
--------------------------------------------------------------------------------
Name : exim
Product : Fedora 41
Version : 4.98.2
Release : 1.fc41
URL : https://www.exim.org/
Summary : The exim mail transfer agent
Description :
Exim is a message transfer agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet. It is
freely available under the terms of the GNU General Public Licence. In
style it is similar to Smail 3, but its facilities are more
general. There is a great deal of flexibility in the way mail can be
routed, and there are extensive facilities for checking incoming
mail. Exim can be installed in place of sendmail, although the
configuration of exim is quite different to that of sendmail.
--------------------------------------------------------------------------------
Update Information:
This is an update fixing CVE-2025-30232.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 26 2025 Jaroslav Škarvada [jskarvad@redhat.com] - 4.98.2-1
- New version
Resolves: CVE 2025-30232
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2355644 - CVE-2025-30232 exim: privilege escalation via use-after-free [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2355644
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ab7148736c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 41 Update: varnish-7.5.0-3.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4453f596a8
2025-04-05 01:25:14.172279+00:00
--------------------------------------------------------------------------------
Name : varnish
Product : Fedora 41
Version : 7.5.0
Release : 3.fc41
URL : https://www.varnish-cache.org/
Summary : High-performance HTTP accelerator
Description :
This is Varnish Cache, a high-performance HTTP accelerator.
Varnish Cache stores web pages in memory so web servers don't have to
create the same web page over and over again. Varnish Cache serves
pages much faster than any application server; giving the website a
significant speed up.
Documentation wiki and additional information about Varnish Cache is
available on: https://www.varnish-cache.org/
--------------------------------------------------------------------------------
Update Information:
Security: This update includes a fix for VSV00015 aka CVE-2025-30346. Upstream
considers this a low risk problem. For details, refer to
https://varnish-cache.org/security/VSV00015.html
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2025 Ingvar Hagelund - 7.5.0-3
- Security: Added patch for VSV00015 aka CVE-2025-30346
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4453f596a8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------