Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Fedora 37: FEDORA-2023-cb20f08a4e Critical: OAuth Library Update

fedora
Calendar Grey April 20, 2023
Dist Fedora Esm H88
New version released for golang-github-cli-oauth, now at 2.27.0, fixing a major code pathway problem identified in Fedora.
Update `gh` to 2.27.0

Summary

A library for performing OAuth Device flow and Web application flow in Go

client apps.

Update `gh` to 2.27.0

* Sat Mar 11 2023 Mikel Olasagasti Uranga - 1.0.1-2

- Update to 1.0.1 - Closes rhbz#2166882

* Sat Mar 11 2023 Mikel Olasagasti Uranga - 1.0.1-1

- Update to 1.0.1 - Closes rhbz#2166882

[ 1 ] Bug #2175969 - gh codespace ssh fails to connect

https://bugzilla.redhat.com/show_bug.cgi?id=2175969

[ 2 ] Bug #2178433 - CVE-2022-41723 gh: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2178433

su -c 'dnf upgrade --advisory FEDORA-2023-cb20f08a4e' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it:

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 37
Version: 1.0.1
Release: 2.fc37
Summary: Library for performing OAuth Device and Web application flow

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.