Stay Secure with the Latest Linux Advisories

security advisoryDoS issuesoftware update

Fedora 39: FEDORA-2024-f83b123d63 Moderate Update for python-aiohttp

Update llhttp to 9.2.1, fixing CVE-2024-27982. Additionally, llhttp 9.2.0 contained a number of bug fixes. Backport llhttp 9.2.1 support to python-aiohttp 3.9.3.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-f83b123d63 2024-04-20 01:02:39.396055 -------------------------------------------------------------------------------- Name : python-aiohttp Product : Fedora 39 Version : 3.9.3 Release : 3.fc39 URL : https://github.com/aio-libs/aiohttp Summary : Python HTTP client/server for asyncio Description : Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing. -------------------------------------------------------------------------------- Update Information: Update llhttp to 9.2.1, fixing CVE-2024-27982. Additionally, llhttp 9.2.0 contained a number of bug fixes. Backport llhttp 9.2.1 support to python-aiohttp 3.9.3. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 11 2024 Benjamin A. Beasley - 3.9.3-3 - Backport support for llhttp 9.2.1 - Started rejecting obsolete line folding in Python parser to match * Fri Feb 16 2024 Benjamin A. Beasley - 3.9.3-2 - Rebuilt for llhttp-9.2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2273352 - llhttp-9.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2273352 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-f83b123d63' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the FedoraProject GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fedora 39 Upgrade: python-aiohttp version 3.9.3 addresses CVE-2024-27982 by including llhttp 9.2.1. Major security enhancements integrated.. python aiohttp update, security advisory Fedora, llhttp fixes, software vulnerability fix. . LinuxSecurity.com Team

Apr 20, 2024 Fedora