Fedora 31: cutter-re FEDORA-2020-acd8cdb08d

Date13 Feb 2020

CategoryFedora Linux Distribution - Security Advisories

514

Posted ByLinuxSecurity Advisories

Rebase to radare2-4.2.1 and cutter-re 1.10.1. It fixes CVE-2019-19590 and CVE-2019-19547. It also fix a problem in cutter-re that did not display the window icon on Wayland.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-acd8cdb08d
2020-02-14 01:42:14.814326
--------------------------------------------------------------------------------

Name        : cutter-re
Product     : Fedora 31
Version     : 1.10.1
Release     : 3.fc31
URL         : https://cutter.re/
Summary     : GUI for radare2 reverse engineering framework
Description :
Cutter is a Qt and C++ GUI for radare2. Its goal is making an advanced,
customizable and FOSS reverse-engineering platform while keeping the user
experience at mind. Cutter is created by reverse engineers for reverse
engineers.

--------------------------------------------------------------------------------
Update Information:

Rebase to radare2-4.2.1 and cutter-re 1.10.1. It fixes CVE-2019-19590 and
CVE-2019-19547. It also fix a problem in cutter-re that did not display the
window icon on Wayland.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  5 2020 Riccardo Schirone  - 1.10.1-3
- Rebuild with new radare2
* Wed Feb  5 2020 Riccardo Schirone  - 1.10.1-2
- Fix the main window icon
* Mon Feb  3 2020 Riccardo Schirone  - 1.10.1-1
- Rebase to cutter 1.10.1
* Tue Jan 28 2020 Fedora Release Engineering  - 1.9.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Oct 11 2019 Riccardo Schirone  - 1.9.0-2
- Rebuilt for radare2-3.9.0-3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1795157 - CVE-2019-19590 radare2: integer overflow in for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1795157
  [ 2 ] Bug #1783453 - CVE-2019-19647 radare2: improper variable validation in r_asm_pseudo_incbin in libr/asm/asm.c leads to DoS [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1783453
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-acd8cdb08d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.