Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 38: 2023-17efd3f2cd Critical: CacheLib DDoS Mitigation Advisory

fedora
Calendar Grey October 24, 2023
Dist Fedora Esm H88
Act now to update cachelib and secure against a critical DDoS vulnerability. Ensure all users have the latest version for system safety and performance.
Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487

Summary

CacheLib is a C++ library providing in-process high performance caching

mechanism. CacheLib provides a thread safe API to build high throughput, low

overhead caching services, with built-in ability to leverage DRAM and SSD

caching transparently.

Update Information:

Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487

Topics%20covered

Topics Covered

security advisory update critical Fedora DDoS proxygen CacheLib

Change Log

* Wed Oct 18 2023 Michel Lind - 17^20231016-1 - Update to 2023.10.16.00 * Tue Oct 17 2023 Michel Lind - 17^20231009-1 - Update to 2023.10.09.00 * Tue Sep 12 2023 Michel Lind - 17^20230911-1 - Update to 2023.09.11.00

References


[ 1 ] Bug #2221799 - mcrouter-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2221799 [ 2 ] Bug #2239431 - proxygen-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239431 [ 3 ] Bug #2239594 - wangle-2023.10.16.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239594 [ 4 ] Bug #2239613 - fb303-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239613 [ 5 ] Bug #2239614 - fbthrift-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239614 [ 6 ] Bug #2239623 - fizz-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239623 [ 7 ] Bug #2239624 - folly-2023.10.09.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239624 [ 8 ] Bug #2243253 - [Major Incident] CVE-2023-44487 proxygen: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-17efd3f2cd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: cachelib
Product: Fedora 38
Version: 17^20231016
Release: 1.fc38
URL: https://github.com/facebook/CacheLib
Summary: Pluggable caching engine for scale high performance cache services

Topics%20covered

Topics Covered

security advisory update critical Fedora DDoS proxygen CacheLib

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here