[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-7cd749f133 2021-07-04 01:06:05.754372 -------------------------------------------------------------------------------- Name : libslirp Product : Fedora 34 Version : 4.4.0 Release : 4.fc34 URL : https://gitlab.freedesktop.org/slirp/libslirp Summary : A general purpose TCP-IP emulator Description : A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services. -------------------------------------------------------------------------------- Update Information: Fix CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 out-of-bounds access -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 18 2021 Marc-Andr�� Lureau <marcandre.lureau(a)redhat.com&gt; - 4.4.0-4 - Fix DHCP regression from CVE backports. * Tue Jun 15 2021 Marc-Andr�� Lureau <marcandre.lureau(a)redhat.com&gt; - 4.4.0-3 - Fix CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 out-of-bounds access rhbz#1972249 rhbz#1972250 rhbz#1972252 rhbz#1972243 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1972243 - CVE-2021-3595 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (tftp) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1972243 [ 2 ] Bug #1972249 - CVE-2021-3592 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1972249 [ 3 ] Bug #1972250 - CVE-2021-3593 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp6) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1972250 [ 4 ] Bug #1972252 - CVE-2021-3594 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1972252 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-7cd749f133' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------