Fedora 40: FEDORA-2024-f1615b58e6 critical: python-platformio DoS
fedora
October 24, 2024
Security fix for CVE-2024-47874
Summary
PlatformIO is a cross-platform, cross-architecture, multiple framework,
professional tool for embedded systems engineers and for software developers
who write applications for embedded products.
Update Information:
Security fix for CVE-2024-47874. Starlette 0.40.0 (October 15, 2024) This release fixes a Denial of service (DoS) via multipart/form-data requests. You can view the full security advisory: GHSA-f96h-pmfr-66vw Fixed Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data requests fd038f3.
Change Log
* Tue Oct 15 2024 Benjamin A. Beasley
References
[ 1 ] Bug #2318804 - CVE-2024-47874 python-starlette: Starlette Denial of service (DoS) via multipart/form-data [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2318804
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-f1615b58e6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: python-platformio
Product: Fedora 40
Version: 6.1.14
Release: 7.fc40
Summary: Professional collaborative platform for embedded development
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!