Fedora 26: FEDORA-2017-863f86e7a9 Moderate: Radicale Timing Attack

The Radicale Project is a CalDAV (calendar) and CardDAV (contact) server. It

aims to be a light solution, easy to use, easy to install, easy to configure.

As a consequence, it requires few software dependencies and is pre-configured

to work out-of-the-box.

The Radicale Project runs on most of the UNIX-like platforms (Linux, BSD,

MacOS X) and Windows. It is known to work with Evolution, Lightning, iPhone

and Android clients. It is free and open-source software, released under GPL

version 3.

Security fix for CVE-2017-8342

[ 1 ] Bug #1447247 - CVE-2017-8342 radicale: Insufficient protection against timing oracles and bruteforce attacks [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1447247

su -c 'dnf upgrade radicale' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org