Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 38: FEDORA-2024-80ee97033c Urgent: UPX Buffer Vulnerability

fedora
Calendar Grey April 12, 2024
Dist Fedora Esm H88
Important patch release for Fedora 38: upx mitigates memory corruption vulnerabilities and improves binary size optimization.

4.2.3

Summary

UPX is a free, portable, extendable, high-performance executable

packer for several different executable formats. It achieves an

excellent compression ratio and offers very fast decompression. Your

executables suffer no memory overhead or other drawbacks.

Update Information:

4.2.3

Topics%20covered

Topics Covered

security advisory update critical Fedora heap overflow upx executable

Change Log

* Thu Mar 28 2024 Gwyn Ciesla - 4.2.3-1 - 4.2.3 * Sat Jan 27 2024 Fedora Release Engineering - 4.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jan 4 2024 Gwyn Ciesla - 4.2.2-1 - 4.2.2 * Thu Nov 2 2023 Gwyn Ciesla - 4.2.1-1 - 4.2.1 * Fri Oct 27 2023 Gwyn Ciesla - 4.2.0-1 - 4.2.0

References


[ 1 ] Bug #2272102 - upx-4.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2272102 [ 2 ] Bug #2272828 - CVE-2024-3209 upx: heap-based buffer overflow via get_ne64() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272828

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-70ee97033b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: upx
Product: Fedora 38
Version: 4.2.3
Release: 1.fc38
URL: https://github.com/upx/upx
Summary: Ultimate Packer for eXecutables

Topics%20covered

Topics Covered

security advisory update critical Fedora heap overflow upx executable

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here