-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-69b85312f0 2023-09-05 00:40:06.815803 --------------------------------------------------------------------------------
Name : libtommath Product : Fedora 38 Version : 1.2.0 Release : 12.fc38 URL : http://www.libtom.net/ Summary : A portable number theoretic multiple-precision integer library Description : A free open source portable number theoretic multiple-precision integer library written entirely in C. (phew!). The library is designed to provide a simple to work with API that provides fairly efficient routines that build out of the box without configuration.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2023-36328 -------------------------------------------------------------------------------- ChangeLog:
* Sat Sep 2 2023 Frantisek Sumsal frantisek@sumsal.cz - 1.2.0-12 - Fix CVE-2023-36328 (#2236877,#2236878) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2236877 - CVE-2023-36328 libtommath: Integer Overflow vulnerability in mp_grow in libtom https://bugzilla.redhat.com/show_bug.cgi?id=2236877 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-69b85312f0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------