-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-fae3ecee19 2022-07-04 01:26:49.799780 --------------------------------------------------------------------------------
Name : vultr Product : Fedora 36 Version : 2.0.3 Release : 5.fc36 URL : https://github.com/JamesClonk/vultr Summary : Vultr CLI Description : Vultr CLI is a command line tool for using the Vultr API. It allows you to create and manage your virtual machines, SSH public keys, snapshots, and startup scripts on your Vultr account. You can also use it to directly SSH into a Vultr virtual machine through the vultr ssh command.
-------------------------------------------------------------------------------- Update Information:
Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 Rebuild to mitigate CVE-2022-21698 (rhbz#2067400). ---- Update to 1.1.0 ---- Disable package_note on arm too ---- update to 0.44.1 rhbz#2007854 ---- Add missing archive ---- Update to 0.0.31 - Close: rhbz#1963535 ---- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 18 2022 Robert-Andr�� Mauchin zebob.m@gmail.com - 2.0.3-5 - Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1963535 - golang-storj-drpc-0.0.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=1963535 [ 2 ] Bug #2067400 - CVE-2022-21698 golang-github-prometheus-client: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2067400 [ 3 ] Bug #2074268 - CVE-2022-27191 vultr: golang: crash in a golang.org/x/crypto/ssh server [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2074268 [ 4 ] Bug #2084865 - CVE-2022-28327 golang-github-prometheus-node-exporter: golang: crypto/elliptic: panic caused by oversized scalar [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2084865 [ 5 ] Bug #2088110 - CVE-2022-24675 golang-github-theupdateframework-notary: golang: encoding/pem: fix stack overflow in Decode [fedora-35] https://bugzilla.redhat.com/show_bug.cgi?id=2088110 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-fae3ecee19' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org