--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-bd9e67c117
2024-05-02 01:43:10.602183
--------------------------------------------------------------------------------
Name : et
Product : Fedora 38
Version : 6.2.8
Release : 1.fc38
URL :
https://mistertea.github.io/EternalTerminal/
Summary : Remote shell that survives IP roaming and disconnect
Description :
Eternal Terminal (ET) is a remote shell that automatically reconnects without
interrupting the session.
--------------------------------------------------------------------------------
Update Information:
Update to 6.2.8, fixing CVE-2022-48257 and CVE-2022-48258
Unbundle cpp-httlib, fixing CVE-2023-26130
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 30 2024 Michel Lind <salimma(a)fedoraproject.org> - 6.2.8-1
- Update to 6.2.8 (rhbz#2162155)
- Temporarily rebundle catch2; the version in Fedora is too old
* Fri Apr 26 2024 Michel Lind <salimma(a)fedoraproject.org> - 6.2.1-15
- Disable unwind on s390x
* Fri Apr 26 2024 Michel Lind <salimma(a)fedoraproject.org> - 6.2.1-14
- Unbundle cpp-httplib (rhbz#2169585)
- Eliminate almost all sed usage
- Use find_package to find cxxopts
- Use pkg_check_modules to find easylogging++
- Enable SELinux support
- Enable unwind support
* Thu Apr 25 2024 Michel Lind <salimma(a)fedoraproject.org> - 6.2.1-13
- Use SPDX license identifier
* Wed Jan 24 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.2.1-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.2.1-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2161247 - CVE-2022-48257 et: EternalTerminal: information exposure
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2161247
[ 2 ] Bug #2161251 - CVE-2022-48258 et: MisterTea/EternalTerminal: information exposure
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2161251
[ 3 ] Bug #2162155 - et-6.2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2162155
[ 4 ] Bug #2169585 - Please try to use cpp-httplib-devel package
https://bugzilla.redhat.com/show_bug.cgi?id=2169585
[ 5 ] Bug #2211077 - CVE-2023-26130 et: cpp-httplib: CRLF Injection [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2211077
[ 6 ] Bug #2211079 - CVE-2023-26130 et: cpp-httplib: CRLF Injection [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2211079
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-bd9e67c117' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------