Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

Fedora 26: FEDORA-2017-8bd521abc9 moderate: augeas memory corruption

fedora
Calendar Grey August 26, 2017
Dist Fedora Esm H88
Fedora 27 issues a Glibc security patch addressing buffer overflow vulnerabilities associated with CVE-2018-1234 in version 2.26.
New upstream version 1.8.1

Summary

A library for programmatically editing configuration files. Augeas parses

configuration files into a tree structure, which it exposes through its

public API. Changes made through the API are written back to the initially

read files.

The transformation works very hard to preserve comments and formatting

details. It is controlled by ``lens' definitions that describe the file

format and the transformation into a tree.

New upstream version 1.8.1. Fixes CVE-2017-7555 (RHBZ#1482340).

[ 1 ] Bug #1482340 - CVE-2017-7555 augeas: Improper handling of escaped strings leading to memory corruption [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1482340

su -c 'dnf upgrade augeas' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Product: Fedora 26
Version: 1.8.1
Release: 1.fc26
Summary: A library for changing configuration files

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.