Read Time:1 Minute, 13 Second

FEDORA-2023-d88521bfc5

Packages in this update:

clevis-pin-tpm2-0.5.2-5.fc39
greetd-0.9.0-4.fc39
keyring-ima-signer-0.1.0-9.fc39
libkrun-1.5.0-2.fc39
mirrorlist-server-3.0.6-6.fc39
nispor-1.2.10-4.fc39
nmstate-2.2.10-4.fc39
rust-afterburn-5.4.0-3.fc39
rust-below-0.6.3-4.fc39
rust-bodhi-cli-2.1.0-2.fc39
rust-cargo-c-0.9.12-4.fc39
rust-coreos-installer-0.17.0-3.fc39
rust-fedora-update-feedback-2.1.2-2.fc39
rust-git-delta-0.13.0-5.fc39
rust-gst-plugin-reqwest-0.10.4-2.fc39
rust-pore-0.1.8-3.fc39
rust-rpm-sequoia-1.4.0-2.fc39
rust-sequoia-octopus-librnp-1.4.1-8.fc39
rust-sequoia-policy-config-0.6.0-3.fc39
rust-sequoia-sq-0.26.0-7.fc39
rust-sevctl-0.3.2-4.fc39
rust-tealdeer-1.6.1-2.fc39
rust-ybaas-0.0.10-7.fc39

Update description:

Recent updates for the tokio, h2, and openssl crates addressed some (potential or confirmed) security or soundness issues:

tokio: RUSTSEC-2023-0005
h2: RUSTSEC-2023-0034 / CVE-2023-26964
openssl: RUSTSEC-2023-0022, RUSTSEC-2023-0023, RUSTSEC-2023-0024

This update contains rebuilds of all affected applications against the latest versions of these crates, which have addressed all linked issues.

Read More