Security fix for CVE-2021-30473 Security fix for CVE-2021-30475


Fix bug with 100% cpu utilization on network link change (or wakeup) when websockets are in use (well-known "github + polyfill addon and wakeup" issue), and backport some other improvements from upstream.

How to install

sudo dnf upgrade --advisory=FEDORA-2021-1c3f7963a5

This update's test gating status has been changed to 'waiting'.

4 months ago

This update has obsoleted seamonkey-2.53.7-4.fc34, and has inherited its bugs and notes.

4 months ago

This update has been submitted for testing by bodhi.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago
User Icon andilinux commented & provided feedback 4 months ago
karma

no issues

User Icon buc commented & provided feedback 4 months ago
karma

no issues

This update can be pushed to stable now if the maintainer wishes

4 months ago
User Icon atim provided feedback 4 months ago
karma

This update has been submitted for stable by bodhi.

4 months ago

This update has been pushed to stable.

4 months ago
User Icon adamwill commented & provided feedback 4 months ago

this will have caused gimp, and hence Python 2.x and GTK+ 2.x, to be installed for quite a lot of people :( See https://pagure.io/releng/failed-composes/issue/2568#comment-737981 . I'll send out a jpegxl update to prevent it, once it goes stable at least.

User Icon eclipseo commented & provided feedback 4 months ago

Sorry about that, I didn't realise that putting it in weak deps would bring the whole Gimp suite during composes,

User Icon sammy commented & provided feedback 4 months ago
karma

No issues.

Tested on fedora workstation vm running in gnome box with allocated 20gib hdd and 2.5gib ram. Host OS is Fedora workstation running on 10th gen intel i3 processor, 8gib ram and 1TB hdd(HP 240 G8 laptop).


Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
4 months ago
BZ#1954337 aom-3.1.1 is available
0
0
BZ#1961375 CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is not located on the heap
0
0
BZ#1961376 CVE-2021-30473 aom: libaom: aom_image.c in libaom frees memory that is not located on the heap [fedora-all]
0
0
BZ#1968017 CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
0
0
BZ#1968018 CVE-2021-30475 aom: libaom: Buffer overflow in aom_dsp/noise_model.c [fedora-all]
0
0

Automated Test Results