Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

Fedora 37 Advisory: CVE-2023-44487 Moderate DDoS Risk in Watchman

fedora
Calendar Grey October 24, 2023
Dist Fedora Esm H88
Guard for Fedora 37: Security patch for CVE-2023-44487, tackling a DDoS vulnerability stemming from various HTTP/2 servers.
Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487

Summary

Watchman exists to watch files and record when they actually change. It can also

trigger actions (such as rebuilding assets) when matching files change.

Update Information:

Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487

Topics%20covered

Topics Covered

security advisory update Fedora DDoS risk proxygen Watchman

Change Log

* Wed Oct 18 2023 Michel Lind - 2021.05.10.00-24 - Rebuilt for folly 2023.10.16.00 * Wed Sep 13 2023 Michel Lind - 2021.05.10.00-23 - Rebuilt for folly 2023.09.11.00 * Sat Jul 22 2023 Fedora Release Engineering - 2021.05.10.00-22 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Mon Jul 10 2023 Michel Alexandre Salim - 2021.05.10.00-21 - Rebuild for folly 2023.07.03.00 - Fix build failure with Python 3.12 (fixes: rhbz#2155443) - Fix build failure with fmt 10 (fixes: rhbz#2219458) - Use SPDX license identifiers * Wed Jun 28 2023 Vitaly Zaitsev - 2021.05.10.00-20 - Rebuilt due to fmt 10 update. * Tue Jun 13 2023 Python Maint - 2021.05.10.00-19 - Rebuilt for Python 3.12

References


[ 1 ] Bug #2221799 - mcrouter-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2221799 [ 2 ] Bug #2239431 - proxygen-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239431 [ 3 ] Bug #2239594 - wangle-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239594 [ 4 ] Bug #2239613 - fb303-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239613 [ 5 ] Bug #2239614 - fbthrift-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239614 [ 6 ] Bug #2239623 - fizz-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239623 [ 7 ] Bug #2239624 - folly-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239624 [ 8 ] Bug #2243253 - [Major Incident] CVE-2023-44487 proxygen: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2a9214af5f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: watchman
Product: Fedora 37
Version: 2021.05.10.00
Release: 24.fc37
URL: https://facebook.github.io/watchman/
Summary: File alteration monitoring service

Topics%20covered

Topics Covered

security advisory update Fedora DDoS risk proxygen Watchman

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here