Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 39 FEDORA-2024-40ee18b2e7 Critical: Ruff DoS Fix

fedora
Calendar Grey June 2, 2024
Dist Fedora Esm H88
Fedora 39's latest security bulletin introduces vital improvements focused on critical vulnerabilities in ruff and Rust software, enhancing both responsiveness and security measures
This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries)

Summary

An extremely fast Python linter and code formatter, written in Rust.

Ruff aims to be orders of magnitude faster than alternative tools while

integrating more functionality behind a single, common interface.

Ruff can be used to replace Flake8 (plus dozens of plugins), Black,

isort, pydocstyle, pyupgrade, autoflake, and more, all while executing

tens or hundreds of times faster than any individual tool.

Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority security and / or safety fixes in crate dependencies that had not yet been handled via a separate (targeted) rebuild: h2 v0.3.26+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0332.html glib v0.19.4+ and backports (UB): core/pull/1343 hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511 rustls v0.22.4+, v0.21.11+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0336.html

Topics%20covered

Topics Covered

security advisory fedora critical fix denial-of-service safety update rust applications python linter

Change Log

* Thu May 23 2024 Fabio Valentini - 0.3.7-2 - Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces

References

Fedora Update Notification FEDORA-2024-40ee18b2e7 2024-06-02 03:36:56.060441 Name : ruff Product : Fedora 39 Version : 0.3.7 Release : 2.fc39 URL : https://github.com/astral-sh/ruff Summary : Extremely fast Python linter and code formatter Description : An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 (plus dozens of plugins), Black, isort, pydocstyle, pyupgrade, autoflake, and more, all while executing tens or hundreds of times faster than any individual tool.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-40ee18b2e7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ruff
Product: Fedora 39
Version: 0.3.7
Release: 2.fc39
URL: https://github.com/astral-sh/ruff
Summary: Extremely fast Python linter and code formatter

Topics%20covered

Topics Covered

security advisory fedora critical fix denial-of-service safety update rust applications python linter

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here