-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-9d83929ffa 2019-12-18 15:16:31.530968 --------------------------------------------------------------------------------
Name : libyang Product : Fedora 30 Version : 1.0.101 Release : 1.fc30 URL : https://github.com/CESNET/libyang Summary : YANG data modeling language library Description : Libyang is YANG data modeling language parser and toolkit written (and providing API) in C.
-------------------------------------------------------------------------------- Update Information:
Rebase to version 1.0.101 -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 9 2019 Tomas Korbar tkorbar@redhat.com - 1.0.101-1 - Rebase to version 1.0.101 - Fix CVE-2019-19333 (#1780495) - Fix CVE-2019-19334 (#1780494) * Fri Oct 25 2019 Tomas Korbar tkorbar@redhat.com - 1.0.73-1 - Rebase to version 1.0.73 (#1758512) * Thu Oct 3 2019 Miro Hron��ok mhroncok@redhat.com - 0.16.105-4 - Rebuilt for Python 3.8.0rc1 (#1748018) * Mon Aug 19 2019 Miro Hron��ok mhroncok@redhat.com - 0.16.105-3 - Rebuilt for Python 3.8 * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 0.16.105-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Tue May 7 2019 Tomas Korbar tkorbar@redhat.com - 0.16.105-1 - Initial import (#1699846). * Fri Apr 26 2019 Tomas Korbar tkorbar@redhat.com - 0.16.105-1 - Change specfile accordingly to mosvald's review - Remove obsolete ldconfig scriptlets - libyang-devel-doc changed to noarch package - Add python_provide macro to python3-libyang subpackage - Remove obsolete Requires from libyang-cpp-devel - Start using cmake with smp_mflags macro * Wed Apr 3 2019 Tomas Korbar tkorbar@redhat.com - 0.16.105-1 - Initial commit of package after editation of specfile -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1780495 - CVE-2019-19333 libyang: stack-based buffer overflow in make_canonical when bits leaf type is used [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1780495 [ 2 ] Bug #1780494 - CVE-2019-19334 libyang: stack-based buffer overflow in make_canonical when identityref leaf type is used [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1780494 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-9d83929ffa' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------