Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Fedora 39: FEDORA-2024-9484b6915b Critical: Erlang-Jose DoS

fedora
Calendar Grey July 16, 2024
Dist Fedora Esm H88
Uncover the recent Fedora 39 release regarding erlang-jose which tackles a significant DoS vulnerability. Maintain your security posture by applying necessary updates promptly.
Re-reviewed Jose ver

Summary

JSON Object Signing and Encryption (JOSE) for Erlang and Elixir.

Update Information:

Re-reviewed Jose ver. 1.11.10

Change Log

* Sun Jul 7 2024 Peter Lemenkov - 1.11.10-1 - Jose ver. 1.11.10 * Wed Jan 24 2024 Fedora Release Engineering - 1.11.2-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering - 1.11.2-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jul 19 2023 Fedora Release Engineering - 1.11.2-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering - 1.11.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Aug 22 2022 Peter Lemenkov - 1.11.2-1 - Update to 1.11.2

References


[ 1 ] Bug #1901352 - erlang-jose-1.11.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1901352 [ 2 ] Bug #2171479 - erlang-jose: FTBFS in Fedora rawhide/f38 https://bugzilla.redhat.com/show_bug.cgi?id=2171479 [ 3 ] Bug #2225778 - erlang-jose: FTBFS in Fedora rawhide/f39 https://bugzilla.redhat.com/show_bug.cgi?id=2225778 [ 4 ] Bug #2270312 - TRIAGE CVE-2023-50966 erlang-jose: Denial-of-service due to high CPU consumption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270312 [ 5 ] Bug #2295183 - Re-Review Request: erlang-jose - JSON Object Signing and Encryption (JOSE) for Erlang and Elixir https://bugzilla.redhat.com/show_bug.cgi?id=2295183

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-9484b6915b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: erlang-jose
Product: Fedora 39
Version: 1.11.10
Release: 1.fc39
Summary: JSON Object Signing and Encryption (JOSE) for Erlang and Elixir

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.