Stay Secure with the Latest Linux Advisories

security advisorymoderatesoftware update

Fedora 37 Update: 2023-2cf9dd7d52 Moderate: Vtk Nullptr Issue

Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-2cf9dd7d52 2023-05-11 01:52:13.343931 --------------------------------------------------------------------------------Name : vtk Product : Fedora 37 Version : 9.1.0 Release : 18.fc37 URL : https://vtk.org/ Summary : The Visualization Toolkit - A high level 3D visualization library Description : VTK is an open-source software system for image processing, 3D graphics, volume rendering and visualization. VTK includes many advanced algorithms (e.g., surface reconstruction, implicit modeling, decimation) and rendering techniques (e.g., hardware-accelerated volume rendering, LOD control). NOTE: The version in this package has NOT been compiled with MPI support. Install the vtk-mpich package to get a version compiled with mpich. Install the vtk-openmpi package to get a version compiled with openmpi. --------------------------------------------------------------------------------Update Information: Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference --------------------------------------------------------------------------------ChangeLog: * Tue Apr 25 2023 Orion Poplawski - 9.1.0-18 - Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference (bz#2189654) --------------------------------------------------------------------------------References: [ 1 ] Bug #2189654 - CVE-2021-42521 vtk: NULL pointer dereference vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2189654 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2cf9dd7d52' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 37 update resolves CVE-2021-42521 affecting vtk, incorporating upstream fixes to address potential nullptr dereferencing concerns.. Fedora Update Notification,vtk security patch,CVE fix,nullptr dereference. . LinuxSecurity.com Team

May 11, 2023 Fedora