Fedora 29: FEDORA-2018-afae5e8438 Critical: Tinc Security Flaw

tinc is a Virtual Private Network (VPN) daemon that uses tunnelling

and encryption to create a secure private network between hosts on

the Internet. Because the tunnel appears to the IP level network

code as a normal network device, there is no need to adapt any

existing software. This tunnelling allows VPN sites to share

information with each other over the Internet without exposing any

information to others.

Security fix for CVE-2018-16737, CVE-2018-16738, CVE-2018-16758

* Tue Dec 18 2018 Fabian Affolter - 1.0.35-1

- Fix for CVE-2018-16737, CVE-2018-16738 and CVE-2018-16758

- Update to new upstream version 1.0.35

* Fri Oct 26 2018 Fabian Affolter - 1.0.34-1

- Update to new upstream version 1.0.34

[ 1 ] Bug #1637483 - CVE-2018-16737 CVE-2018-16738 CVE-2018-16758 tinc: Multiple issues fixed in the 1.0.35 release [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1637483

[ 2 ] Bug #1637482 - CVE-2018-16737 CVE-2018-16738 CVE-2018-16758 tinc: Multiple issues fixed in the 1.0.35 release [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1637482

su -c 'dnf upgrade --advisory FEDORA-2018-afae5e8438' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/