Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Fedora 40: 2024-d4d1e89e61 critical: iaito command injection fix

fedora
Calendar Grey December 12, 2024
Dist Fedora Esm H88
Important patch released for iaito on Fedora 40 addressing command injection vulnerability in radare2. Protect your environment effectively.
iaito is a Qt and C++ GUI for radare2

Summary

iaito is a Qt and C++ GUI for radare2.

It is the continuation of Cutter before the fork to keep radare2 as backend.

Its goal is making an advanced, customizable and FOSS reverse-engineering

platform while keeping the user experience at mind.

The iaito is created by reverse engineers for reverse engineers.

Focus on supporting latest version of radare2.

Recommend the use of system installed libraries/radare2.

Closer integration between r2 and the UI.

Update Information:

Bump radare2 to 5.9.8, iaito to 5.9.9, fixes CVE-2024-11858

Topics%20covered

Topics Covered

security advisory Fedora command injection reverse engineering radare2 Qt GUI FOSS application

Change Log

* Sat Nov 30 2024 Michal Ambroz - 5.9.9-2 - iaito rebuild * Mon Nov 25 2024 Michal Ambroz - 5.9.9-1 - bump to 5.9.9 * Thu Oct 31 2024 Michal Ambroz - 5.9.6-2 - fix epel8 build

References


[ 1 ] Bug #2313891 - iaito: fails to install from epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2313891 [ 2 ] Bug #2327286 - iaito-5.9.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327286 [ 3 ] Bug #2327308 - radare2-5.9.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327308 [ 4 ] Bug #2329104 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2329104 [ 5 ] Bug #2329105 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2329105 [ 6 ] Bug #2329107 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2329107 [ 7 ] Bug #2329108 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-41] ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-d4d1e89e61' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: iaito
Product: Fedora 40
Version: 5.9.9
Release: 2.fc40
URL: https://radare.org/n/iaito.html
Summary: GUI for radare2 reverse engineering framework

Topics%20covered

Topics Covered

security advisory Fedora command injection reverse engineering radare2 Qt GUI FOSS application

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here