Stay Secure with the Latest Linux Advisories

security advisoryFedoraupdate information

Fedora 33: rpki-client 2021-31012ee5a0 Security Advisory

rpki-client 7.5 untrusted input: - Fail repository synchronisation after 15min runtime. - Limit the number of repositories per TAL. - Don't allow `DOCTYPE` definitions in RRDP XML files. - Fix detection of HTTP redirect loops. * Limit the number of concurrent `rsync` processes. * Fix `CRLF` in TAL files.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-31012ee5a0 2021-11-18 01:57:22.428442 --------------------------------------------------------------------------------Name : rpki-client Product : Fedora 33 Version : 7.5 Release : 1.fc33 URL : https://www.rpki-client.org/ Summary : RPKI validator to support BGP Origin Validation Description : The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisations (ROAs) and finally outputs Validated ROA Payloads (VRPs) in the configuration format of OpenBGPD, BIRD, and also as CSV or JSON objects for consumption by other routing stacks. --------------------------------------------------------------------------------Update Information: rpki-client 7.5 =============== * Make rpki-client more resilient regarding untrusted input: - Fail repository synchronisation after 15min runtime. - Limit the number of repositories per TAL. - Don't allow `DOCTYPE` definitions in RRDP XML files. - Fix detection of HTTP redirect loops. * Limit the number of concurrent `rsync` processes. * Fix `CRLF` in TAL files. --------------------------------------------------------------------------------ChangeLog: * Tue Nov 9 2021 Robert Scheck 7.5-1 - Upgrade to 7.5 (#2021523) --------------------------------------------------------------------------------References: [ 1 ] Bug #2021523 -rpki-client-7.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=2021523 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-31012ee5a0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Enhancements for Fedora 33's rpki-client boost input management and resolve several challenges tied to repository syncing.. rpki-client, Fedora security, repository synchronization, BGP validation. . Severity: Critical. LinuxSecurity.com Team

Nov 17, 2021 •Critical Fedora