Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

openSUSE Leap 15.2: openSUSE-SU-2021:1125-1 Moderate: aria2 Issue

opensuse
Calendar Grey August 10, 2021
Dist Opensuse Esm H88
A new patch for openSUSE is out, tackling a moderate vulnerability involving aria2, complete with comprehensive installation guidelines.
An update that fixes one vulnerability is now available

Description

This update for aria2 fixes the following issues:

Update to version 1.35.0:

* Drop SSLv3.0 and TLSv1.0 and add TLSv1.3

* TLSv1.3 support is added for GNUTLS and OpenSSL.

* Platform: Fix compilation without deprecated OpenSSL APIs

* Remove linux getrandom and use C++ stdlib instead

* Don't send Accept Metalink header if Metalink is disabled

- Move bash completion to better location

Update to version 1.34.0:

* UnknownLengthPieceStorage: return piece length show something in console

status when downloading items with unknown content length

* Fix bug that signal handler does not work with libaria2 when

aria2::RUN_ONCE is passed to aria2::run().

* Retry on HTTP 502

Topics%20covered

Topics Covered

security advisory update moderate issue openSUSE aria2 patch instructions

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-1125=1

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2021-1125=1

- openSUSE Backports SLE-15-SP2:

zypper in -t patch openSUSE-2021-1125=1

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2021-1125=1

Package List

- openSUSE Leap 15.2 (noarch):

aria2-lang-1.35.0-lp152.5.3.1

- openSUSE Leap 15.2 (x86_64):

aria2-1.35.0-lp152.5.3.1

aria2-debuginfo-1.35.0-lp152.5.3.1

aria2-debugsource-1.35.0-lp152.5.3.1

aria2-devel-1.35.0-lp152.5.3.1

libaria2-0-1.35.0-lp152.5.3.1

libaria2-0-debuginfo-1.35.0-lp152.5.3.1

- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):

aria2-1.35.0-bp153.2.3.1

aria2-debuginfo-1.35.0-bp153.2.3.1

aria2-debugsource-1.35.0-bp153.2.3.1

aria2-devel-1.35.0-bp153.2.3.1

libaria2-0-1.35.0-bp153.2.3.1

libaria2-0-debuginfo-1.35.0-bp153.2.3.1

- openSUSE Backports SLE-15-SP3 (noarch):

aria2-lang-1.35.0-bp153.2.3.1

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

aria2-1.35.0-bp152.4.3.1

aria2-debuginfo-1.35.0-bp152.4.3.1

aria2-debugsource-1.35.0-bp152.4.3.1

aria2-devel-1.35.0-bp152.4.3.1

libaria2-0-1.35.0-bp152.4.3.1

libaria2-0-debuginfo-1.35.0-bp152.4.3.1

- openSUSE Backports SLE-15-SP2 (noarch):

aria2-lang-1.35.0-bp152.4.3.1

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

aria2-...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2019-3500.html

https://bugzilla.suse.com/1189107

Announcement ID: openSUSE-SU-2021:1125-1
Rating: moderate
Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP3 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 .

Topics%20covered

Topics Covered

security advisory update moderate issue openSUSE aria2 patch instructions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here