Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 38: FEDORA-2024-bd9e67c117 critical: et remote shell update

fedora
Calendar Grey May 2, 2024
Dist Fedora Esm H88
The latest Eternal Terminal release for Fedora 38 enhances security measures and optimizes performance, providing detailed instructions for troubleshooting.
Update to 6.2.8, fixing CVE-2022-48257 and CVE-2022-48258 Unbundle cpp-httlib, fixing CVE-2023-26130

Summary

Eternal Terminal (ET) is a remote shell that automatically reconnects without

interrupting the session.

Update Information:

Update to 6.2.8, fixing CVE-2022-48257 and CVE-2022-48258 Unbundle cpp-httlib, fixing CVE-2023-26130

Topics%20covered

Topics Covered

security advisory critical Fedora information exposure remote shell CRLF injection eternal terminal cpp-httplib

Change Log

* Tue Apr 30 2024 Michel Lind - 6.2.8-1 - Update to 6.2.8 (rhbz#2162155) - Temporarily rebundle catch2; the version in Fedora is too old * Fri Apr 26 2024 Michel Lind - 6.2.1-15 - Disable unwind on s390x * Fri Apr 26 2024 Michel Lind - 6.2.1-14 - Unbundle cpp-httplib (rhbz#2169585) - Eliminate almost all sed usage - Use find_package to find cxxopts - Use pkg_check_modules to find easylogging++ - Enable SELinux support - Enable unwind support * Thu Apr 25 2024 Michel Lind - 6.2.1-13 - Use SPDX license identifier * Wed Jan 24 2024 Fedora Release Engineering - 6.2.1-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering - 6.2.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

References


[ 1 ] Bug #2161247 - CVE-2022-48257 et: EternalTerminal: information exposure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2161247 [ 2 ] Bug #2161251 - CVE-2022-48258 et: MisterTea/EternalTerminal: information exposure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2161251 [ 3 ] Bug #2162155 - et-6.2.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2162155 [ 4 ] Bug #2169585 - Please try to use cpp-httplib-devel package https://bugzilla.redhat.com/show_bug.cgi?id=2169585 [ 5 ] Bug #2211077 - CVE-2023-26130 et: cpp-httplib: CRLF Injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2211077 [ 6 ] Bug #2211079 - CVE-2023-26130 et: cpp-httplib: CRLF Injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2211079

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-bd9e67c117' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: et
Product: Fedora 38
Version: 6.2.8
Release: 1.fc38
URL: https://eternalterminal.dev/
Summary: Remote shell that survives IP roaming and disconnect

Topics%20covered

Topics Covered

security advisory critical Fedora information exposure remote shell CRLF injection eternal terminal cpp-httplib

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here