--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-9d18d4159e
2022-01-25 01:02:31.955857
--------------------------------------------------------------------------------

Name        : binaryen
Product     : Fedora 34
Version     : 105
Release     : 1.fc34
URL         : https://github.com/WebAssembly/binaryen
Summary     : Compiler and toolchain infrastructure library for WebAssembly
Description :
Binaryen is a compiler and toolchain infrastructure library for WebAssembly,
written in C++. It aims to make compiling to WebAssembly easy, fast, and
effective:

* Easy: Binaryen has a simple C API in a single header, and can also be used
  from JavaScript. It accepts input in WebAssembly-like form but also accepts
  a general control flow graph for compilers that prefer that.

* Fast: Binaryen's internal IR uses compact data structures and is designed for
  completely parallel codegen and optimization, using all available CPU cores.
  Binaryen's IR also compiles down to WebAssembly extremely easily and quickly
  because it is essentially a subset of WebAssembly.

* Effective: Binaryen's optimizer has many passes that can improve code very
  significantly (e.g. local coloring to coalesce local variables; dead code
  elimination; precomputing expressions when possible at compile time; etc.).
  These optimizations aim to make Binaryen powerful enough to be used as a
  compiler backend by itself. One specific area of focus is on
  WebAssembly-specific optimizations (that general-purpose compilers might not
  do), which you can think of as wasm minification , similar to minification for
  JavaScript, CSS, etc., all of which are language-specific (an example of such
  an optimization is block return value generation in SimplifyLocals).

--------------------------------------------------------------------------------
Update Information:

Bug fixes and incremental optimization improvements.  ----  Bugfix release
including fix for CVE-2021-45290 and CVE-2021-45293.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jan 16 2022 Dominik Mierzejewski  105-1
- update to 105 (#2040105)
* Tue Jan 11 2022 Dominik Mierzejewski  104-1
- update to 104 (#2033827)
- fixes CVE-2021-45290 (#2037323, #2037325)
- fixes CVE-2021-45293 (#2037324, #2037326)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2033827 - binaryen-104 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2033827
  [ 2 ] Bug #2037325 - CVE-2021-45290 binaryen: assertion abort in wasm::handle_unreachable [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2037325
  [ 3 ] Bug #2037326 - CVE-2021-45293 binaryen: Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2037326
  [ 4 ] Bug #2040105 - binaryen-105 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2040105
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-9d18d4159e' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure