Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 39: FEDORA-2024-94a155818c moderate: et CRLF Injection

fedora
Calendar Grey May 2, 2024
Dist Fedora Esm H88
The latest update for Eternal Terminal, version 6.2.8, tackles security vulnerabilities such as data leakage and CRLF Injection pertaining to Fedora systems.
Update to 6.2.8, fixing CVE-2022-48257 and CVE-2022-48258 Unbundle cpp-httlib, fixing CVE-2023-26130

Summary

Eternal Terminal (ET) is a remote shell that automatically reconnects without

interrupting the session.

Update Information:

Update to 6.2.8, fixing CVE-2022-48257 and CVE-2022-48258 Unbundle cpp-httlib, fixing CVE-2023-26130

Topics%20covered

Topics Covered

security advisory software update Fedora moderate severity information exposure modification remote shell CRLF injection ET security fix CRLF Injection Eternal Terminal

Change Log

* Tue Apr 30 2024 Michel Lind - 6.2.8-1 - Update to 6.2.8 (rhbz#2162155) - Temporarily rebundle catch2; the version in Fedora is too old * Fri Apr 26 2024 Michel Lind - 6.2.1-15 - Disable unwind on s390x * Fri Apr 26 2024 Michel Lind - 6.2.1-14 - Unbundle cpp-httplib (rhbz#2169585) - Eliminate almost all sed usage - Use find_package to find cxxopts - Use pkg_check_modules to find easylogging++ - Enable SELinux support - Enable unwind support * Thu Apr 25 2024 Michel Lind - 6.2.1-13 - Use SPDX license identifier * Wed Jan 24 2024 Fedora Release Engineering - 6.2.1-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering - 6.2.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

References


[ 1 ] Bug #2161247 - CVE-2022-48257 et: EternalTerminal: information exposure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2161247 [ 2 ] Bug #2161251 - CVE-2022-48258 et: MisterTea/EternalTerminal: information exposure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2161251 [ 3 ] Bug #2162155 - et-6.2.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2162155 [ 4 ] Bug #2169585 - Please try to use cpp-httplib-devel package https://bugzilla.redhat.com/show_bug.cgi?id=2169585 [ 5 ] Bug #2211077 - CVE-2023-26130 et: cpp-httplib: CRLF Injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2211077 [ 6 ] Bug #2211079 - CVE-2023-26130 et: cpp-httplib: CRLF Injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2211079

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-94a155818c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: et
Product: Fedora 39
Version: 6.2.8
Release: 1.fc39
URL: https://eternalterminal.dev/
Summary: Remote shell that survives IP roaming and disconnect

Topics%20covered

Topics Covered

security advisory software update Fedora moderate severity information exposure modification remote shell CRLF injection ET security fix CRLF Injection Eternal Terminal

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here