FEDORA-2021-f3ebd7554c created by hno 7 months ago for Fedora 33
stable

Update to version 5.1.1. Security fix for CVE-CVE-2020-16269 and CVE-2020-17487

How to install

sudo dnf upgrade --advisory=FEDORA-2021-f3ebd7554c

This update has been submitted for testing by hno.

7 months ago

This update's test gating status has been changed to 'ignored'.

7 months ago

This update's test gating status has been changed to 'waiting'.

7 months ago

This update's test gating status has been changed to 'ignored'.

7 months ago

This update has been pushed to testing.

7 months ago
User Icon jmbegley commented & provided feedback 7 months ago
karma

Uninstallable until cutter-re is also rebuilt

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

7 months ago

This update can be pushed to stable now if the maintainer wishes

7 months ago
User Icon rebus commented & provided feedback 7 months ago
karma

Works without cutter, but breaks dependencies if installed:

$ dnf update radare2 cutter-re --enablerepo=updates-testing --allowerasing Last metadata expiration check: 0:32:20 ago on 2021-02-28T01:39:28 CET. Dependencies resolved.

Problem: cannot install the best update candidate for package cutter-re-1.11.0-2.fc33.x86_64 - problem with installed package cutter-re-1.11.0-2.fc33.x86_64 - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_anal.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_asm.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_bin.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_bp.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_config.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_cons.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_core.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_crypto.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_debug.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_egg.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_flag.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_fs.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_hash.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_io.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_parse.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_reg.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_search.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_syscall.so.4.5.0()(64bit), but none of the providers can be installed - package cutter-re-1.11.0-2.fc33.x86_64 requires libr_util.so.4.5.0()(64bit), but none of the providers can be installed - cannot install the best update candidate for package radare2-4.5.0-2.fc33.1.x86_64 - cannot install both radare2-5.1.1-1.fc33.x86_64 and radare2-4.5.0-2.fc33.1.x86_64 - cannot install both radare2-4.5.0-2.fc33.1.x86_64 and radare2-5.1.1-1.fc33.x86_64 - cannot install both radare2-4.5.0-1.fc33.1.x86_64 and radare2-5.1.1-1.fc33.x86_64 ====================================================================================================================================== Package Architecture Version Repository Size

====================================================================================================================================== Skipping packages with conflicts: (add '--best' to command line to force their upgrade): radare2 x86_64 4.5.0-1.fc33.1 fedora 4.0 M radare2 x86_64 5.1.1-1.fc33 updates-testing 4.1 M

Transaction Summary ====================================================================================================================================== Skip 2 Packages

Nothing to do. Complete!

User Icon hno commented & provided feedback 6 months ago

Cutter is being replaced by recutter.

It's yet undecided if Radare will be replaced by Rizin, in which case Cutter will replace recutter.

This update has been submitted for stable by hno.

6 months ago

This update has been pushed to stable.

6 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
-2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
7 months ago
in testing
7 months ago
in stable
6 months ago
BZ#1864842 CVE-2020-16269 radare2: segmentation fault in parse_typedef function in type_dwarf.c via a malformed DW_AT_name in the .debug_info section
0
0
BZ#1864844 CVE-2020-16269 radare2: segmentation fault in parse_typedef function in type_dwarf.c via a malformed DW_AT_name in the .debug_info section [fedora-all]
0
0
BZ#1869623 CVE-2020-17487 radare2: misparsing signature information in PE files could lead to DoS
0
0
BZ#1869626 CVE-2020-17487 radare2: misparsing signature information in PE files could lead to DoS [fedora-all]
0
0
BZ#1875673 radare2-5.1.1 is available
0
0
BZ#1923483 radare2: FTBFS in Fedora rawhide/f34
0
0

Automated Test Results