obsolete
FEDORA-2022-6aba96e1b8 created by rebus 4 months ago for Fedora 34

Bugfix release. fixes CVE-2022-0518 2055256, 2055130 - https://github.com/radareorg/radare2/commit/9650e3c352f675687bf6c6f65ff2c4a3d0e288fa fixes CVE-2022-0519 2055103, 2055104 - https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5 fixes CVE-2022-0520 2055145, 2055146 - https://github.com/radareorg/radare2/commit/8525ad0b9fd596f4b251bb3d7b114e6dc7ce1ee8 fixes CVE-2022-0521 2055043, 2055044 - https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5 fixes CVE-2022-0522 2055029, 2055030 - https://github.com/radareorg/radare2/commit/d17a7bdf166108a29a27cd89bf454f9fa6c050d6 fixes CVE-2022-0523 2055152, 2055153 - https://github.com/radareorg/radare2/commit/35482cb760db10f87a62569e2f8872dbd95e9269 fixes CVE-2022-0559 2055256. 2055257 - https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e fixes CVE-2022-0676 2056758, 2056759 - https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6 fixes CVE-2022-0712 2057173, 2057174, 2057175, 2057176 - https://github.com/radareorg/radare2/commit/515e592b9bea0612bc63d8e93239ff35bcf645c7 fixes CVE-2022-0713 2057707, 2057708, 2057709, 2057710 - https://github.com/radareorg/radare2/commit/a35f89f86ed12161af09330e92e5a213014e46a1 fixes CVE-2022-0476 2057712, 2057713, 2057714, 2057715 - https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b fixes CVE-2022-0695 2058522, 2058523, 2058525 - https://github.com/radareorg/radare2/commit/634b886e84a5c568d243e744becc6b3223e089cf

This update has been submitted for testing by rebus.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago
User Icon vainly commented & provided feedback 4 months ago
karma

Cannot be installed when using the GUI frontend iaito:

┌─[vainlystrain@vainlystrain]─[~] └──╼ $sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-6aba96e1b8 Fedora 34 - x86_64 - Test Updates 8.0 kB/s | 18 kB 00:02
Fedora 34 - x86_64 - Test Updates 1.3 MB/s | 10 MB 00:07
Last metadata expiration check: 0:00:09 ago on Sun 06 Mar 2022 03:39:17 CET. Dependencies resolved.

Problem: problem with installed package iaito-5.3.1-4.fc34.x86_64 - package iaito-5.3.1-4.fc34.x86_64 requires libr_anal.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_asm.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_bin.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_bp.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_config.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_cons.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_core.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_crypto.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_debug.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_egg.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_flag.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_fs.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_hash.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_io.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_parse.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_reg.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_search.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_syscall.so.5.4.2()(64bit), but none of the providers can be installed - package iaito-5.3.1-4.fc34.x86_64 requires libr_util.so.5.4.2()(64bit), but none of the providers can be installed - cannot install both radare2-5.6.4-1.fc34.x86_64 and radare2-5.4.2-1.fc34.x86_64 - cannot install the best update candidate for package radare2-5.4.2-1.fc34.x86_64

This also affects the last pushed update, I was a bit late reporting it, sorry.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

4 months ago

This update can be pushed to stable now if the maintainer wishes

4 months ago
User Icon rebus commented & provided feedback 4 months ago

regarding the iaito - please can you try https://koji.fedoraproject.org/koji/buildinfo?buildID=1931148 FEDORA-2022-aeeeb12fa6 It should fix BZ#2055092 F34FailsToInstall: iaito ( https://bugzilla.redhat.com/show_bug.cgi?id=2055092 )

User Icon vainly commented & provided feedback 4 months ago
karma

Yes, with the new iaito, the update installs successfully. Thank you!

This update's test gating status has been changed to 'waiting'.

3 months ago

This update's test gating status has been changed to 'ignored'.

3 months ago

This update's test gating status has been changed to 'waiting'.

a month ago

This update's test gating status has been changed to 'ignored'.

a month ago

This update's test gating status has been changed to 'waiting'.

a month ago

This update's test gating status has been changed to 'failed'.

a month ago

This update's test gating status has been changed to 'ignored'.

a month ago

This update is marked obsolete because the F34 release is archived.

3 weeks ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
4 months ago
in testing
4 months ago
BZ#2054856 radare2-5.6.4 is available
0
0
BZ#2055029 CVE-2022-0522 radare2: Access of Memory Location Before Start of Buffer [epel-all]
0
0
BZ#2055030 CVE-2022-0522 radare2: Access of Memory Location Before Start of Buffer [fedora-all]
0
0
BZ#2055043 CVE-2022-0521 radare2: Access of Memory Location After End of Buffer [epel-all]
0
0
BZ#2055044 CVE-2022-0521 radare2: Access of Memory Location After End of Buffer [fedora-all]
0
0
BZ#2055103 CVE-2022-0519 radare2: CVE-2022-0519: radare2: Buffer Access with Incorrect Length Value prior to 5.6.2. [epel-all]
0
0
BZ#2055104 CVE-2022-0519 radare2: CVE-2022-0519: radare2: Buffer Access with Incorrect Length Value prior to 5.6.2. [fedora-all]
0
0
BZ#2055129 CVE-2022-0518 radare2: CVE-2022-0518: radare2: Heap-based Buffer Overflow in radare2 prior to 5.6.2. [fedora-all]
0
0
BZ#2055130 CVE-2022-0518 radare2: CVE-2022-0518: radare2: Heap-based Buffer Overflow in radare2 prior to 5.6.2. [epel-all]
0
0
BZ#2055145 CVE-2022-0520 radare2: Use After Free in radare [fedora-all]
0
0
BZ#2055146 CVE-2022-0520 radare2: Use After Free in radare [epel-all]
0
0
BZ#2055152 CVE-2022-0523 radare2: Expired Pointer Dereference in radare2 [epel-all]
0
0
BZ#2055153 CVE-2022-0523 radare2: Expired Pointer Dereference in radare2 [fedora-all]
0
0
BZ#2055256 CVE-2022-0559 radare2: Use After Free in radare2 [fedora-all]
0
0
BZ#2055257 CVE-2022-0559 radare2: Use After Free in radare2 [epel-all]
0
0
BZ#2056758 CVE-2022-0676 radare2: Heap-based Buffer Overflow in NPM radare2.js [epel-all]
0
0
BZ#2056759 CVE-2022-0676 radare2: Heap-based Buffer Overflow in NPM radare2.js [fedora-all]
0
0
BZ#2057173 CVE-2022-0712 radare2: null pointer dereference in bin_symbols.c [epel-7]
0
0
BZ#2057174 CVE-2022-0712 radare2: null pointer dereference in bin_symbols.c [epel-8]
0
0
BZ#2057175 CVE-2022-0712 radare2: null pointer dereference in bin_symbols.c [fedora-34]
0
0

Automated Test Results