Alerts This Week
Warning Icon 1 1,220
Alerts This Week
Warning Icon 1 1,220

Fedora 41: 2024-0912cd3ad9 critical: incus authorization bypass

fedora
Calendar Grey December 27, 2024
Dist Fedora Esm H88
The latest version 6.8 of Fedora's incus addresses a variety of bugs and enhances overall performance. For comprehensive insights, refer to the security advisory.
Update to 6.8 to get various features and fixes

Summary

Container hypervisor based on LXC

Incus offers a REST API to remotely manage containers over the network,

using an image based work-flow and with support for live migration.

This package contains the Incus daemon.

Update Information:

Update to 6.8 to get various features and fixes

Change Log

* Wed Dec 18 2024 Neal Gompa - 6.8-1 - Update to 6.8 - Another fix for incus socket

References


[ 1 ] Bug #2279094 - incus-6.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2279094 [ 2 ] Bug #2292096 - incus.service missing an environment variable INCUS_SOCKET https://bugzilla.redhat.com/show_bug.cgi?id=2292096 [ 3 ] Bug #2328736 - [abrt] incus-client: runtime.raise(): incus killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=2328736 [ 4 ] Bug #2331983 - CVE-2024-45337 incus: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2331983

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-0912cd3ad9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: incus
Product: Fedora 41
Version: 6.8
Release: 1.fc41
Summary: Powerful system container and virtual machine manager

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here