Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 30: Update FEDORA-2019-f350634b40 Command Injection Issue

fedora
Calendar Grey July 12, 2019
Dist Fedora Esm H88
The most recent Debian patch rectifies various flaws and a potential code execution vulnerability in git, improving overall system integrity.
- Update to 2.8 fixes rhbz#1581180 rhbz#1603993 rhbz#1674893 and rhbz#1524335 - Removed upstreamed patch - Bug 1524335 - CVE-2017-17459 fossil: Command injection via malicious ssh ...

Summary

Fossil is a simple, high-reliability, distributed software configuration

management with distributed bug tracking, distributed wiki and built-in web

interface.

- Update to 2.8 fixes rhbz#1581180 rhbz#1603993 rhbz#1674893 and rhbz#1524335 -Removed upstreamed patch - Bug 1524335 - CVE-2017-17459 fossil: Command

injection via malicious ssh URLs [fedora-all] - Bug 1581180 - Update fossil

version to 2.6 (currently is 2.2) - Bug 1603993 - fossil: FTBFS in Fedora

rawhide - Bug 1674893 - fossil: FTBFS in Fedora rawhide/f30

* Thu Jul 4 2019 Filipe Rosset - 2.8-1

- Update to 2.8 fixes rhbz#1581180 rhbz#1603993 rhbz#1674893 and rhbz#1524335

- Removed upstreamed patch

- Bug 1524335 - CVE-2017-17459 fossil: Command injection via malicious ssh URLs [fedora-all]

- Bug 1581180 - Update fossil version to 2.6 (currently is 2.2)

- Bug 1603993 - fossil: FTBFS in Fedora rawhide

- Bug 1674893 - fossil: FTBFS in Fedora rawhide/f30

* Thu Jan 31 2019 Fedora Release Engineering - 2.2-7

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Fri Jul 13 2018 Fedora Release Engineering - 2.2-6

- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[ 1 ] Bug #1603993 - fossil: FTBFS in Fedora rawhide

https://bugzilla.redhat.com/show_bug.cgi?id=1603993

[ 2 ] Bug #1524335 - CVE-2017-17459 fossil: Command injection via malicious ssh URLs [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1524335

[ 3 ] Bug #1674893 - fossil: FTBFS in Fedora rawhide/f30

https://bugzilla.redhat.com/show_bug.cgi?id=1674893

su -c 'dnf upgrade --advisory FEDORA-2019-f350634b40' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory software update Fedora threat mitigation bug fixes command injection

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 30
Version: 2.8
Release: 1.fc30
URL: https://www.fossil-scm.org/home/doc/trunk/www/index.wiki
Summary: A distributed SCM with bug tracking and wiki

Topics%20covered

Topics Covered

security advisory software update Fedora threat mitigation bug fixes command injection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here