Stay Secure with the Latest Linux Advisories

security advisorybuffer overflowFedora

Fedora 36: FEDORA-2021-bb9738d885 High: Libfoo Memory Leak

Update to latest in git.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-aa8637c985 2021-09-26 00:15:16.314943 --------------------------------------------------------------------------------Name : libspf2 Product : Fedora 35 Version : 1.2.11 Release : 1.20210922git4915c308.fc35 URL : Summary : An implementation of the SPF specification Description : libspf2 is an implementation of the SPF (Sender Policy Framework) specification as found at: https://www.ietf.org/archive/id/draft-mengwong-spf-00.txt SPF allows email systems to check SPF DNS records and make sure that an email is authorized by the administrator of the domain name that it is coming from. This prevents email forgery, commonly used by spammers, scammers, and email viruses/worms. A lot of effort has been put into making it secure by design, and a great deal of effort has been put into the regression tests. --------------------------------------------------------------------------------Update Information: Update to latest in git. --------------------------------------------------------------------------------ChangeLog: * Wed Sep 22 2021 Bojan Smojver - 1.2.11-1.20210922git4915c308 - Build latest upstream git HEAD - CVE-2021-20314 --------------------------------------------------------------------------------References: [ 1 ] Bug #1993071 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF explanation macros [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1993071 [ 2 ] Bug #1993072 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF explanation macros [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1993072 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-aa8637c985' at the command line. For moreinformation, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . The latest security bulletin for Libspf2 brings essential enhancements to Fedora 35, aimed at addressing email spoofing threats. Ensure your protection!. Libspf2 Security, Fedora Updates, Email Forgery Prevention. . LinuxSecurity.com Team

Sep 25, 2021 Fedora