--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-e139f256f6
2022-08-10 01:15:25.226748
--------------------------------------------------------------------------------
Name : squirrel
Product : Fedora 36
Version : 2.2.5
Release : 25.fc36
URL :
http://squirrel-lang.org/
Summary : High level imperative/OO programming language
Description :
Squirrel is a high level imperative/OO programming language, designed
to be a powerful scripting tool that fits in the size, memory bandwidth,
and real-time requirements of applications like games.
--------------------------------------------------------------------------------
Update Information:
- backport fixes for CVE-2021-41556 and CVE-2022-30292
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 1 2022 Dan Hor��k <dan[at]danny.cz> - 2.2.5-25
- backport fixes for CVE-2021-41556 and CVE-2022-30292
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2.5-24
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2082176 - CVE-2022-30292 squirrel: thread_call in sqbaselib.cpp lacks a
certain sq_reservestack call
https://bugzilla.redhat.com/show_bug.cgi?id=2082176
[ 2 ] Bug #2112794 - CVE-2021-41556 squirrel: out-of-bounds read in core interpreter
allows sandbox escape leads to code execution
https://bugzilla.redhat.com/show_bug.cgi?id=2112794
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-e139f256f6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------