FEDORA-2023-c862a1e289 — security update for golang-x-image

stable

golang-x-image-0.13.0-1.fc37

FEDORA-2023-c862a1e289 created by eclipseo a year ago for Fedora 37

Update to 0.13.0 Security fix for CVE-2023-29408 Security fix for CVE-2023-29407 Security fix for CVE-2022-41727

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-c862a1e289

This update has been submitted for testing by eclipseo.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

a year ago

in testing

a year ago

in stable

a year ago

approved

a year ago

Builds

golang-x-image-0.13.0-1.fc37

BZ#2174311 CVE-2022-41727 golang.org/x/image: Uncontrolled Resource Consumption

BZ#2175584 golang-x-image-0.13.0 is available

BZ#2178355 CVE-2022-41727 golang-x-image: golang.org/x/image: Uncontrolled Resource Consumption [fedora-all]

BZ#2228735 CVE-2023-29407 golang.org/x/image/tiff: excessive CPU consumption in decoding

BZ#2228742 CVE-2023-29408 golang.org/x/image/tiff: TIFF decoder does not place a limit on the size of compressed tile data

BZ#2229614 CVE-2023-29407 golang-x-image: golang.org/x/image/tiff: excessive CPU consumption in decoding [fedora-all]

BZ#2229617 CVE-2023-29408 golang-x-image: golang.org/x/image/tiff: TIFF decoder does not place a limit on the size of compressed tile data [fedora-all]

golang-x-image-0.13.0-1.fc37

Automated Test Results

ignored