[SECURITY] Fedora 39 Update: golang-x-image-0.13.0-1.fc39

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-28cff1a2de 2023-11-03 18:20:20.952858 -------------------------------------------------------------------------------- Name : golang-x-image Product : Fedora 39 Version : 0.13.0 Release : 1.fc39 URL : https://github.com/golang/image Summary : Go supplementary image libraries Description : This package holds supplementary Go image libraries. -------------------------------------------------------------------------------- Update Information: Update to 0.13.0 Security fix for CVE-2023-29408 Security fix for CVE-2023-29407 Security fix for CVE-2022-41727 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 7 2023 Robert-Andr�� Mauchin <zebob.m(a)gmail.com&gt; - 0.13.0-1 - Update to 0.13.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2174311 - CVE-2022-41727 golang.org/x/image: Uncontrolled Resource Consumption https://bugzilla.redhat.com/show_bug.cgi?id=2174311 [ 2 ] Bug #2228735 - CVE-2023-29407 golang.org/x/image/tiff: excessive CPU consumption in decoding https://bugzilla.redhat.com/show_bug.cgi?id=2228735 [ 3 ] Bug #2228742 - CVE-2023-29408 golang.org/x/image/tiff: TIFF decoder does not place a limit on the size of compressed tile data https://bugzilla.redhat.com/show_bug.cgi?id=2228742 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-28cff1a2de' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------