Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 38: 2023-ac4651c9b2 Critical: golang-github-schollz-croc Memory Leak

fedora
Calendar Grey July 4, 2023
Dist Fedora Esm H88
The revision for golang-github-schollz-croc in Fedora 38 addresses vulnerabilities and mitigates potential memory overconsumption.
croc 9.6.4

Summary

croc is a tool that allows any two computers to simply and securely transfer

files and folders.

croc 9.6.4

* Sun Jun 25 2023 Davide Cavalca - 9.6.4-2

- Gate out broken test on s390x for f38

* Fri May 19 2023 Mikel Olasagasti Uranga - 9.6.4-1

- Update to 9.6.4 - Closes rhbz#2208585 rhbz#2171537 rhbz#2163218

* Thu Jan 19 2023 Fedora Release Engineering - 9.5.2-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

* Thu Jul 21 2022 Fedora Release Engineering - 9.5.2-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

* Tue Jul 19 2022 Maxwell G - 9.5.2-2

- Rebuild for

CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang

[ 1 ] Bug #2163218 - CVE-2022-41717 golang-github-schollz-croc: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2163218

[ 2 ] Bug #2171537 - golang-github-schollz-croc: FTBFS in Fedora rawhide/f38

https://bugzilla.redhat.com/show_bug.cgi?id=2171537

[ 3 ] Bug #2208585 - golang-github-schollz-croc-9.6.4 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2208585

su -c 'dnf upgrade --advisory FEDORA-2023-ac4651c9b2' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it:

Topics%20covered

Topics Covered

security advisory fedora software update memory leak threat mitigation file transfer golang

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 38
Version: 9.6.4
Release: 2.fc38
URL: https://github.com/schollz/croc
Summary: Easily and securely send things from one computer to another

Topics%20covered

Topics Covered

security advisory fedora software update memory leak threat mitigation file transfer golang

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here