Stay Secure with the Latest Linux Advisories

security advisorydenial of servicefedora

Fedora 40: FEDORA-2024-ce2936b568 Moderate DoS Alert For Glycin Loaders

This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-ce2936b568 2024-05-26 01:25:15.719720 -------------------------------------------------------------------------------- Name : glycin-loaders Product : Fedora 40 Version : 1.0.1 Release : 4.fc40 URL : Summary : Sandboxed image rendering Description : Sandboxed and extendable image decoding. -------------------------------------------------------------------------------- Update Information: This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority security and / or safety fixes in crate dependencies that had not yet been handled via a separate (targeted) rebuild: h2 v0.3.26+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0332.html glib v0.19.4+ and backports (UB): core/pull/1343 hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511 rustls v0.22.4+, v0.21.11+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0336.html -------------------------------------------------------------------------------- ChangeLog: * Fri May 24 2024 Fabio Valentini - 1.0.1-4 - Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces * Tue Apr 9 2024 Yaakov Selkowitz - 1.0.1-3 - Disable jpegxl loader in RHEL builds * Thu Apr 4 2024 Yaakov Selkowitz - 1.0.1-2 - Add librarydependencies -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Fedora 40's latest security advisory tackles glycin-loaders, addressing Rust debugging repairs and low-priority vulnerabilities, boosting system security without major user disruption.. Fedora 40 Update, Rust Applications, Glycin Loaders, Security Fixes, Denial of Service. . LinuxSecurity.com Team

May 26, 2024 Fedora