Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 506
Alerts This Week
Warning Icon 1 506

Fedora 40 Advisory: erlang-jose Update for Critical DoS Issue

fedora
Calendar Grey July 16, 2024
Dist Fedora Esm H88
Fedora 40 has issued an update for erlang-jose, addressing a critical denial-of-service vulnerability, enhancing system security and performance
Re-reviewed Jose ver

Summary

JSON Object Signing and Encryption (JOSE) for Erlang and Elixir.

Update Information:

Re-reviewed Jose ver. 1.11.10

Change Log

* Sun Jul 7 2024 Peter Lemenkov - 1.11.10-1 - Jose ver. 1.11.10 * Wed Jan 24 2024 Fedora Release Engineering - 1.11.2-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering - 1.11.2-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jul 19 2023 Fedora Release Engineering - 1.11.2-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering - 1.11.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Aug 22 2022 Peter Lemenkov - 1.11.2-1 - Update to 1.11.2 * Thu Jul 21 2022 Fedora Release Engineering - 1.10.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

References


[ 1 ] Bug #1901352 - erlang-jose-1.11.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1901352 [ 2 ] Bug #2171479 - erlang-jose: FTBFS in Fedora rawhide/f38 https://bugzilla.redhat.com/show_bug.cgi?id=2171479 [ 3 ] Bug #2225778 - erlang-jose: FTBFS in Fedora rawhide/f39 https://bugzilla.redhat.com/show_bug.cgi?id=2225778 [ 4 ] Bug #2270312 - TRIAGE CVE-2023-50966 erlang-jose: Denial-of-service due to high CPU consumption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270312 [ 5 ] Bug #2295183 - Re-Review Request: erlang-jose - JSON Object Signing and Encryption (JOSE) for Erlang and Elixir https://bugzilla.redhat.com/show_bug.cgi?id=2295183

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-a8d7972ef6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: erlang-jose
Product: Fedora 40
Version: 1.11.10
Release: 1.fc40
Summary: JSON Object Signing and Encryption (JOSE) for Erlang and Elixir

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.