Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora 37: FEDORA-2023-2a9214af5f Moderate: DDoS Cachelib Fix

fedora
Calendar Grey October 24, 2023
Dist Fedora Esm H88
Fedora 37 rolls out a vital update targeting a DDoS vulnerability in cachelib. Uncover the specifics right here.
Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487

Summary

CacheLib is a C++ library providing in-process high performance caching

mechanism. CacheLib provides a thread safe API to build high throughput, low

overhead caching services, with built-in ability to leverage DRAM and SSD

caching transparently.

Update Information:

Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487

Change Log

* Wed Oct 18 2023 Michel Lind - 17^20231016-1 - Update to 2023.10.16.00 * Tue Oct 17 2023 Michel Lind - 17^20231009-1 - Update to 2023.10.09.00 * Tue Sep 12 2023 Michel Lind - 17^20230911-1 - Update to 2023.09.11.00 * Fri Jul 7 2023 Michel Alexandre Salim - 17^20230703-1 - Update to 17^2023.07.03.00 - Properly bump major version - Patch to support fmt 10 (fixes: rhbz#2219451) - Use SPDX license identifier * Wed Jun 28 2023 Vitaly Zaitsev - 16^20230424-3 - Rebuilt due to fmt 10 update. * Thu Apr 27 2023 Michel Alexandre Salim - 16^20230424-2 - Reapply GCC workaround for epel9 x86_64

References


[ 1 ] Bug #2221799 - mcrouter-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2221799 [ 2 ] Bug #2239431 - proxygen-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239431 [ 3 ] Bug #2239594 - wangle-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239594 [ 4 ] Bug #2239613 - fb303-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239613 [ 5 ] Bug #2239614 - fbthrift-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239614 [ 6 ] Bug #2239623 - fizz-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239623 [ 7 ] Bug #2239624 - folly-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239624 [ 8 ] Bug #2243253 - [Major Incident] CVE-2023-44487 proxygen: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2a9214af5f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: cachelib
Product: Fedora 37
Version: 17^20231016
Release: 1.fc37
Summary: Pluggable caching engine for scale high performance cache services

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here