Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
89
security advisoryFedoralow severityFedora 36: 2022-08ae2dd481 Low Severity: Golang Notary Security Fix
Rebuild for CVE-2022-27191 ---- Fix FTBFS Close: rhbz#2045471. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-08ae2dd481 2022-05-07 04:08:14.315797 --------------------------------------------------------------------------------Name : golang-github-theupdateframework-notary Product : Fedora 36 Version : 0.7.0 Release : 4.fc36 URL : https://github.com/notaryproject/notary Summary : Project that allows anyone to have trust over arbitrary collections of data Description : The Notary project comprises a server and a client for running and interacting with trusted collections. See the service architecture documentation for more information. Notary aims to make the internet more secure by making it easy for people to publish and verify content. We often rely on TLS to secure our communications with a web server, which is inherently flawed, as any compromise of the server enables malicious content to be substituted for the legitimate content. With Notary, publishers can sign their content offline using keys kept highly secure. Once the publisher is ready to make the content available, they can push their signed trusted collection to a Notary Server. Consumers, having acquired the publisher's public key through a secure channel, can then communicate with any Notary server or (insecure) mirror, relying only on the publisher's key to determine the validity and integrity of the received content. --------------------------------------------------------------------------------Update Information: Rebuild for CVE-2022-27191 ---- Fix FTBFS Close: rhbz#2045471 --------------------------------------------------------------------------------ChangeLog: * Sat Apr 16 2022 Fabio Alessandro Locati 0.7.0-4 - Rebuilt for CVE-2022-27191 --------------------------------------------------------------------------------References: [ 1 ] Bug #2045471 - golang-github-appc-goaci: FTBFS inFedora rawhide/f36 https://bugzilla.redhat.com/show_bug.cgi?id=2045471 [ 2 ] Bug #2074262 - CVE-2022-27191 golang-x-crypto: golang: crash in a golang.org/x/crypto/ssh server [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2074262 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-08ae2dd481' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 07, 2022
•Low
Fedora
89
security advisorysecurity updatecriticalFedora 27 Docker Security Update: CVE-2017-14992 Critical Threat
- Resolves: #1510351 - CVE-2017-14992 - built docker @projectatomic/docker-1.13.1 commit 584d391 - built docker-novolume-plugin commit 385ec70 - built rhel-push-plugin commit af9107b - built docker-lvm-plugin commit 8647404 - built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 - built docker-containerd @projectatomic/docker-1.13.1 commit 62a9c60 - built. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-15efa72a0c 2018-01-17 14:43:41.390375 --------------------------------------------------------------------------------Name : docker Product : Fedora 27 Version : 1.13.1 Release : 44.git584d391.fc27 URL : https://github.com/projectatomic/docker Summary : Automates deployment of containerized applications Description : Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. --------------------------------------------------------------------------------Update Information: - Resolves: #1510351 - CVE-2017-14992 - built docker @projectatomic/docker-1.13.1 commit 584d391 - built docker-novolume-plugin commit 385ec70 - built rhel-push-plugin commit af9107b - built docker-lvm-plugin commit 8647404 - built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 -built docker-containerd @projectatomic/docker-1.13.1 commit 62a9c60 - built docker-init commit 0effd37 - built libnetwork commit 460ac8f ---- make /etc/sysconfig/docker-storage-setup ghost but notconfig, https://bugzilla.redhat.com/show_bug.cgi?id=1508376 --------------------------------------------------------------------------------References: [ 1 ] Bug #1510351 - CVE-2017-14992 docker: Lack of content verification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1510351 [ 2 ] Bug #1508376 - docker-storage-setup fails to start https://bugzilla.redhat.com/show_bug.cgi?id=1508376 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade docker' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jan 17, 2018
•Critical
Fedora
89
security advisoryfedoraupdateFedora 26: FEDORA-2017-3976710f1e Critical: Docker Content Verification
Resolves: #1510351 - CVE-2017-14992 built docker @projectatomic/docker-1.13.1 commit 584d391 built docker-novolume-plugin commit 385ec70 built rhel-push-plugin commit af9107b built docker-lvm- plugin commit 8647404 built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 built docker-containerd @projectatomic/docker-1.13.1 commit 62a9c60. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-3976710f1e 2017-12-09 21:09:01.032318 --------------------------------------------------------------------------------Name : docker Product : Fedora 26 Version : 1.13.1 Release : 44.git584d391.fc26 URL : https://github.com/projectatomic/docker Summary : Automates deployment of containerized applications Description : Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. --------------------------------------------------------------------------------Update Information: Resolves: #1510351 - CVE-2017-14992 built docker @projectatomic/docker-1.13.1 commit 584d391 built docker-novolume-plugin commit 385ec70 built rhel-push-plugin commit af9107b built docker-lvm-plugin commit 8647404 built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 built docker-containerd @projectatomic/docker-1.13.1 commit 62a9c60 built docker-init commit 0effd37 built libnetwork commit 460ac8f ----make /etc/sysconfig/docker-storage-setup ghost but notconfig, https://bugzilla.redhat.com/show_bug.cgi?id=1508376 --------------------------------------------------------------------------------References: [ 1 ] Bug #1510351 - CVE-2017-14992 docker: Lack of content verification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1510351 [ 2 ] Bug #1508376 - docker-storage-setup fails to start https://bugzilla.redhat.com/show_bug.cgi?id=1508376 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade docker' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Dec 09, 2017
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!