Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 37: FEDORA-2023-ce2836acfa critical: golang memory growth

fedora
Calendar Grey December 2, 2023
Dist Fedora Esm H88
Tackles high memory usage in golang-github-openprinting-ipp-usb for Fedora 37, contributing to the resolutions of CVE-2022-41717.
Security fix for CVE-2022-41717

Summary

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables

driverless support for USB devices capable of using IPP-over-USB protocol.

Update Information:

Security fix for CVE-2022-41717

Topics%20covered

Topics Covered

security advisory fedora update memory issue golang ipp-usb

Change Log

* Thu Nov 23 2023 Zdenek Dohnal - 0.9.23-5 - Rebuild for any CVE fixed in Golang * Wed Jul 26 2023 Zdenek Dohnal - 0.9.23-4 - SPDX migration * Thu Jul 20 2023 Fedora Release Engineering - 0.9.23-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering - 0.9.23-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

References


[ 1 ] Bug #2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests https://bugzilla.redhat.com/show_bug.cgi?id=2161274

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-ce2836acfa' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: golang-github-openprinting-ipp-usb
Product: Fedora 37
Version: 0.9.23
Release: 5.fc37
URL: https://github.com/OpenPrinting/ipp-usb
Summary: HTTP reverse proxy, backed by IPP-over-USB connection to device

Topics%20covered

Topics Covered

security advisory fedora update memory issue golang ipp-usb

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here