[SECURITY] Fedora 38 Update: mcrouter-0.41.0.20231016-1.fc38

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-17efd3f2cd 2023-10-24 01:21:22.156597 -------------------------------------------------------------------------------- Name : mcrouter Product : Fedora 38 Version : 0.41.0.20231016 Release : 1.fc38 URL : https://github.com/facebook/mcrouter Summary : Memcached protocol router for scaling memcached deployments Description : Mcrouter (pronounced mc router) is a memcached protocol router for scaling memcached deployments. Because the routing and feature logic are abstracted from the client in mcrouter deployments, the client may simply communicate with destination hosts through mcrouter over a TCP connection using standard memcached protocol. Typically, little or no client modification is needed to use mcrouter, which was designed to be a drop-in proxy between the client and memcached hosts. -------------------------------------------------------------------------------- Update Information: Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 18 2023 Michel Lind <salimma(a)fedoraproject.org&gt; - 0.41.0.20231016-1 - Update to 2023.10.16.00 * Thu Oct 5 2023 Remi Collet <remi(a)fedoraproject.org&gt; - 0.41.0.20230703-3 - rebuild for new libsodium * Thu Jul 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 0.41.0.20230703-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2221799 - mcrouter-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2221799 [ 2 ] Bug #2239431 - proxygen-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239431 [ 3 ] Bug #2239594 - wangle-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239594 [ 4 ] Bug #2239613 - fb303-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239613 [ 5 ] Bug #2239614 - fbthrift-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239614 [ 6 ] Bug #2239623 - fizz-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239623 [ 7 ] Bug #2239624 - folly-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239624 [ 8 ] Bug #2243253 - [Major Incident] CVE-2023-44487 proxygen: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2243253 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-17efd3f2cd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------