Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
89
security advisoryFedoraupdate informationFedora 38: 2024-f2305d485f Critical Update for Firecracker Rust-vmm
Update rust-vmm components and their consumers to address CVE-2023-50711. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-f2305d485f 2024-02-14 01:11:43.154092 -------------------------------------------------------------------------------- Name : firecracker Product : Fedora 38 Version : 1.6.0 Release : 6.fc38 URL : https://firecracker-microvm.github.io/ Summary : Secure and fast microVMs for serverless computing Description : Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine the security and isolation properties provided by hardware virtualization technology with the speed and flexibility of containers. This package does not include all of the security features of an official release. It is not production ready without additional sandboxing. -------------------------------------------------------------------------------- Update Information: Update rust-vmm components and their consumers to address CVE-2023-50711 -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 28 2024 David Michael - 1.6.0-6 - Sync linux-loader with the upstream version fixing the vmm-sys-util CVE. * Wed Jan 24 2024 Fedora Release Engineering - 1.6.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 David Michael - 1.6.0-4 - Backport the userfaultfd update for its unrecognized ioctl fixes. * Fri Jan 19 2024 Fedora Release Engineering - 1.6.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jan 11 2024 David Michael - 1.6.0-2 - Backport changes to update vmm-sys-util forCVE-2023-50711. -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-f2305d485f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Feb 14, 2024
•Critical
Fedora
89
security advisoryfedoracritical updateFedora 39 Firecracker ADVISORY: FEDORA-2024-04877592b7 Critical Update
Update rust-vmm components and their consumers to address CVE-2023-50711. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-04877592b7 2024-02-10 01:24:59.648730 -------------------------------------------------------------------------------- Name : firecracker Product : Fedora 39 Version : 1.6.0 Release : 6.fc39 URL : https://firecracker-microvm.github.io/ Summary : Secure and fast microVMs for serverless computing Description : Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine the security and isolation properties provided by hardware virtualization technology with the speed and flexibility of containers. This package does not include all of the security features of an official release. It is not production ready without additional sandboxing. -------------------------------------------------------------------------------- Update Information: Update rust-vmm components and their consumers to address CVE-2023-50711 -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 28 2024 David Michael - 1.6.0-6 - Sync linux-loader with the upstream version fixing the vmm-sys-util CVE. * Wed Jan 24 2024 Fedora Release Engineering - 1.6.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 David Michael - 1.6.0-4 - Backport the userfaultfd update for its unrecognized ioctl fixes. * Fri Jan 19 2024 Fedora Release Engineering - 1.6.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Jan 11 2024 David Michael - 1.6.0-2 - Backport changes to update vmm-sys-util forCVE-2023-50711. -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-04877592b7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Feb 10, 2024
•Critical
Fedora
89
security advisoryupdateFedoraFedora 37: FEDORA-2023-bc40c7995e Low Severity Aes-Gcm Security Fix
- Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages (firecracker) for aes-gcm v0.10.3. https://www.cve.org/CVERecord?id=CVE-2023-42811. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-bc40c7995e 2023-10-03 00:43:11.265617 -------------------------------------------------------------------------------- Name : rust-aes-gcm Product : Fedora 37 Version : 0.10.3 Release : 1.fc37 URL : Summary : Pure Rust implementation of the AES-GCM AEAD Cipher Description : Pure Rust implementation of the AES-GCM (Galois/Counter Mode) Authenticated Encryption with Associated Data (AEAD) Cipher with optional architecture-specific hardware acceleration. -------------------------------------------------------------------------------- Update Information: - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages (firecracker) for aes-gcm v0.10.3. https://www.cve.org/CVERecord?id=CVE-2023-42811 -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 24 2023 Fabio Valentini - 0.10.3-1 - Update to version 0.10.3; Fixes RHBZ#2240136 * Fri Jul 21 2023 Fedora Release Engineering - 0.10.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2240269 - CVE-2023-42811 rust-aes-gcm: aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2240269 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-bc40c7995e' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Oct 03, 2023
•Low
Fedora
89
security advisoryfedoraupdateFedora 39: 2023-8e6ae98f81 Critical: Firecracker Memory Access Issue
Rebuild dependent packages for vm-memory v0.12.2 to address CVE-2023-41051 / RUSTSEC-2023-0056. - - bin/cvename.cgi?name=CVE-2023-41051 - https://rustsec.org/advisories/RUSTSEC-2023-0056.html. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-8e6ae98f81 2023-09-23 00:16:13.955908 -------------------------------------------------------------------------------- Name : firecracker Product : Fedora 39 Version : 1.4.1 Release : 2.fc39 URL : https://firecracker-microvm.github.io/ Summary : Secure and fast microVMs for serverless computing Description : Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine the security and isolation properties provided by hardware virtualization technology with the speed and flexibility of containers. This package does not include all of the security features of an official release. It is not production ready without additional sandboxing. -------------------------------------------------------------------------------- Update Information: Rebuild dependent packages for vm-memory v0.12.2 to address CVE-2023-41051 / RUSTSEC-2023-0056. - - bin/cvename.cgi?name=CVE-2023-41051 - https://rustsec.org/advisories/RUSTSEC-2023-0056.html -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 19 2023 Fabio Valentini - 1.4.1-2 - Rebuild for vm-memory v0.12.2 / CVE-2023-41051. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2236894 - CVE-2023-41051 rust-vm-memory: vm-memory: out-of-bounds access in memory functions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2236894 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-8e6ae98f81' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Sep 23, 2023
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!