FEDORA-2025-6f77f6c77a — security update for cutter-re and rizin

stable

cutter-re-2.3.4-6.fc40 and rizin-0.7.4-5.fc40

FEDORA-2025-6f77f6c77a created by rebus 2 months ago for Fedora 40

CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports CVE-2024-31670 rizin: buffer overflow via create_cache_bins CVE-2024-31668 rizin: improper neutralization of special elements via meta_set function CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code

rizin 0.7.2 / cutter-re 2.3.4 (fix changelog)

rizin 0.7.2 / cutter-re 2.3.4

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-6f77f6c77a

This update has been submitted for testing by rebus.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has obsoleted cutter-re-2.3.4-2.fc40, and has inherited its bugs and notes.

2 months ago

This update has been pushed to testing.

2 months ago

This update has been submitted for stable by bodhi.

a month ago

This update has been pushed to stable.

a month ago

Please login to add feedback.

Metadata

Type

security

Severity

low

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

2 months ago

in testing

2 months ago

in stable

a month ago

approved

a month ago

Builds

cutter-re-2.3.4-6.fc40

rizin-0.7.4-5.fc40

BZ#2333933 CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-40]

BZ#2333934 CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-41]

BZ#2340020 cutter-re: FTBFS in Fedora rawhide/f42

BZ#2346253 Non-responsive maintainer check for ret2libc

cutter-re-2.3.4-6.fc40

rizin-0.7.4-5.fc40

Automated Test Results

ignored