Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 39 FEDORA-2024-c3e32c5635 Moderate: golang Minifier Security Fix

fedora
Calendar Grey March 7, 2024
Dist Fedora Esm H88
A patch for golang-github-tdewolff-minify has been released in Fedora 39 addressing the security vulnerability CVE-2023-39325. Discover the details today!
Update to latest version Security fix for CVE-2023-39325

Summary

Minify is a minifier package written in Go. It provides HTML5, CSS3, JS, JSON,

SVG and XML minifiers and an interface to implement any other minifier.

Minification is the process of removing bytes from a file (such as whitespace)

without changing its output and therefore shrinking its size and speeding up

transmission over the internet and possibly parsing. The implemented minifiers

are designed for high performance.

The core functionality associates mimetypes with minification functions,

allowing embedded resources (like CSS or JS within HTML files) to be minified as

well. Users can add new implementations that are triggered based on a mimetype

(or pattern), or redirect to an external command (like ClosureCompiler,

UglifyCSS, ...).

Update Information:

Update to latest version Security fix for CVE-2023-39325

Topics%20covered

Topics Covered

security advisory moderate Fedora security fix performance golang minifier

Change Log

* Tue Feb 27 2024 Elliott Sales de Andrade - 2.20.18-1 - Update to latest version (#2245375) * Sun Feb 11 2024 Maxwell G - 2.12.9-4 - Rebuild for golang 1.22.0 * Wed Jan 24 2024 Fedora Release Engineering - 2.12.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sat Jan 20 2024 Fedora Release Engineering - 2.12.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

References


[ 1 ] Bug #2245375 - golang-github-tdewolff-minify-2.20.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=2245375 [ 2 ] Bug #2246794 - golang-github-tdewolff-parse-2.7.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2246794 [ 3 ] Bug #2248340 - golang-github-tdewolff-minify: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2248340

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-c3e32c5635' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: golang-github-tdewolff-minify
Product: Fedora 39
Version: 2.20.18
Release: 1.fc39
URL: https://github.com/tdewolff/minify
Summary: Go minifiers for web formats

Topics%20covered

Topics Covered

security advisory moderate Fedora security fix performance golang minifier

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here