[SECURITY] Fedora 36 Update: golang-github-google-pprof-0-16.20210802gitc50bf4f.fc36

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-fae3ecee19 2022-07-04 01:26:49.799780 -------------------------------------------------------------------------------- Name : golang-github-google-pprof Product : Fedora 36 Version : 0 Release : 16.20210802gitc50bf4f.fc36 URL : https://github.com/google/pprof Summary : Tool for visualization and analysis of profiling data Description : Pprof is a tool for visualization and analysis of profiling data. Pprof reads a collection of profiling samples in profile.proto format and generates reports to visualize and help analyze the data. It can generate both text and graphical reports (through the use of the dot visualization package). -------------------------------------------------------------------------------- Update Information: Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 Rebuild to mitigate CVE-2022-21698 (rhbz#2067400). ---- Update to 1.1.0 ---- Disable package_note on arm too ---- update to 0.44.1 rhbz#2007854 ---- Add missing archive ---- Update to 0.0.31 - Close: rhbz#1963535 ---- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 18 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com&gt; 0-16 - Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1963535 - golang-storj-drpc-0.0.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=1963535 [ 2 ] Bug #2067400 - CVE-2022-21698 golang-github-prometheus-client: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2067400 [ 3 ] Bug #2074268 - CVE-2022-27191 vultr: golang: crash in a golang.org/x/crypto/ssh server [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2074268 [ 4 ] Bug #2084865 - CVE-2022-28327 golang-github-prometheus-node-exporter: golang: crypto/elliptic: panic caused by oversized scalar [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2084865 [ 5 ] Bug #2088110 - CVE-2022-24675 golang-github-theupdateframework-notary: golang: encoding/pem: fix stack overflow in Decode [fedora-35] https://bugzilla.redhat.com/show_bug.cgi?id=2088110 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-fae3ecee19' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------