[SECURITY] Fedora 35 Update: dnscrypt-proxy-2.1.1-4.fc35

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-3969b64d4b 2022-07-17 00:57:11.020145 -------------------------------------------------------------------------------- Name : dnscrypt-proxy Product : Fedora 35 Version : 2.1.1 Release : 4.fc35 URL : https://github.com/jedisct1/dnscrypt-proxy Summary : Flexible DNS proxy, with support for encrypted DNS protocols Description : A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS (DoH) and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and suspicious queries - Pattern-based local blocking of DNS names and IP addresses - Time-based filtering, with a flexible weekly schedule - Transparent redirection of specific domains to specific resolvers - DNS caching, to reduce latency and improve privacy - Local IPv6 blocking to reduce latency on IPv4-only networks - Load balancing: pick a set of resolvers, dnscrypt-proxy will automatically measure and keep track of their speed, and balance the traffic across the fastest available ones. - Cloaking: like a HOSTS file on steroids, that can return preconfigured addresses for specific names, or resolve and return the IP address of other names. This can be used for local development as well as to enforce safe search results on Google, Yahoo and Bing. - Automatic background updates of resolvers lists - Can force outgoing connections to use TCP; useful with tunnels such as Tor. -------------------------------------------------------------------------------- Update Information: Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs --- This contains the result from the mass rebuild in F35 for all packages that require `golang` and provide binaries to mitigate the following CVEs: `golang` itself: - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar - CVE-2022-29526 golang: syscall: faccessat checks wrong group (There are some Go CVEs that are a little bit older that will also be mitigated by the rebuild for packages that haven't been updated recently) CVEs in other golang libraries that affect a subset of Go packages: - CVE-2022-21698 golang-github-prometheus- client: prometheus/client_golang: Denial of service using InstrumentHandlerCounter - CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key ---- Initial import for golang-github-a8m-envsubst Resolves: rhbz#2074406 ---- Initial package Resolves: rhbz#2074438 ---- Update to v3.14.0 (close rhbz#2105612) ---- Fix merge ---- Update to 1.22.1 - Close: rhbz#2077577 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 18 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com&gt; 2.1.1-4 - Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 * Fri Jun 17 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com&gt; 2.1.1-3 - Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 * Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; 2.1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2074406 - Review Request: golang-github-a8m-envsubst - Environment variables substitution for Go https://bugzilla.redhat.com/show_bug.cgi?id=2074406 [ 2 ] Bug #2074438 - Review Request: golang-github-goccy-yaml - YAML support for the Go language https://bugzilla.redhat.com/show_bug.cgi?id=2074438 [ 3 ] Bug #2077577 - powerline-go-1.22.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2077577 [ 4 ] Bug #2105612 - golang-github-task-3.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2105612 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-3969b64d4b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------