stable

rust-rustls-0.23.17-1.fc40 and rust-zlib-rs-0.4.0-1.fc40

FEDORA-2024-632b468c59 created by decathorpe 3 months ago for Fedora 40
  • Update the rustls crate to version 0.23.17.
  • Update the zlib-rs crate to version 0.4.0.

The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow during decompression with malicious input). This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and rustls is the only dependent package of zlib-rs.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-632b468c59

This update's test gating status has been changed to 'waiting'.

3 months ago

This update's test gating status has been changed to 'ignored'.

3 months ago

This update has been submitted for testing by bodhi.

3 months ago

This update has been pushed to testing.

3 months ago

This update has been submitted for stable by bodhi.

3 months ago

This update has been pushed to stable.

3 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
3 months ago
in testing
3 months ago
in stable
3 months ago
approved
3 months ago
BZ#2326413 CVE-2024-11249 rust-zlib-rs: zlib-rs stack overflow during decompression with malicious input [fedora-40]
0
0

Automated Test Results