Critical Update for Fedora 28 NekoVM: Addressing CVE-2018-0497 Threat

Neko is a high-level dynamically typed programming language which can

also be used as an embedded scripting language. It has been designed

to provide a common run-time for several different languages. Neko is

not only very easy to learn and use, but also has the flexibility of

being able to extend the language with C libraries. You can even write

generators from your own language to Neko and then use the Neko

run-time to compile, run, and access existing libraries.

If you need to add a scripting language to your application, Neko

provides one of the best trade-offs available between simplicity,

extensibility and speed.

Neko allows the language designer to focus on design whilst reusing a

fast and well constructed run-time, as well as existing libraries for

accessing file system, network, databases, XML...

Neko has a compiler and virtual machine. The Virtual Machine is both

very lightweight and extremely well optimized so that it can run very

quickly. The VM can be easily embedded into any application and your

libraries are directly accessible using the C foreign function

interface.

The compiler converts a source .neko file into a byte-code .n file that

can be executed with the Virtual Machine. Although the compiler is

written in Neko itself, it is still very fast. You can use the

compiler as standalone command-line executable separated from the VM,

or as a Neko library to perform compile-and-run for interactive

languages.

- Update to 2.13.0 - CVE-2018-0497 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory:

* Thu Sep 27 2018 Morten Stevens - 2.2.0-8

- Rebuilt for mbed TLS 2.13.0

* Thu Sep 27 2018 Morten Stevens - 2.2.0-7

- Rebuilt for mbed TLS 2.13.0

* Fri Jul 13 2018 Andy Li - 2.2.0-6

- Add BuildRequires on gcc.

- Rebuilt for mbed TLS 2.11.0.

* Thu Jul 5 2018 Richard W.M. Jones - 2.2.0-5

- Remove ldconfig

https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/SU3LJVDZ7LUSJGZR5MS72BMRAFP3PQQL/

* Mon May 21 2018 Robert Scheck - 2.2.0-4

- Rebuilt for mbed TLS 2.9.0 (libmbedcrypto.so.2)

su -c 'dnf upgrade --advisory FEDORA-2018-5d6e80ab82' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/