FEDORA-2024-29120efcc4
Packages in this update:
et-6.2.1-15.fc38
Update description:
Unbundle cpp-httlib, fixing CVE-2023-26130
et-6.2.1-15.fc38
Unbundle cpp-httlib, fixing CVE-2023-26130
et-6.2.1-15.fc39
Unbundle cpp-httlib, fixing CVE-2023-26130
et-6.2.1-15.fc40
Unbundle cpp-httlib, fixing CVE-2023-26130
clamav-1.0.6-1.fc40
ClamAV 1.0.6 is a critical patch release with the following fixes:
Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1225
Fixed a bug causing some text to be truncated when converting from UTF-16.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1232
Fixed assorted complaints identified by Coverity static analysis.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1237
Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Added the new ‘valhalla’ database name to the list of optional databases in preparation for future work.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Silenced a warning “Unexpected early end-of-file” that occured when scanning some PNG files.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1216
clamav-1.0.6-1.fc39
ClamAV 1.0.6 is a critical patch release with the following fixes:
Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1225
Fixed a bug causing some text to be truncated when converting from UTF-16.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1232
Fixed assorted complaints identified by Coverity static analysis.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1237
Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Added the new ‘valhalla’ database name to the list of optional databases in preparation for future work.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Silenced a warning “Unexpected early end-of-file” that occured when scanning some PNG files.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1216
clamav-1.0.6-1.el9
ClamAV 1.0.6 is a critical patch release with the following fixes:
Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1225
Fixed a bug causing some text to be truncated when converting from UTF-16.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1232
Fixed assorted complaints identified by Coverity static analysis.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1237
Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Added the new ‘valhalla’ database name to the list of optional databases in preparation for future work.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Silenced a warning “Unexpected early end-of-file” that occured when scanning some PNG files.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1216
clamav-1.0.6-1.fc38
ClamAV 1.0.6 is a critical patch release with the following fixes:
Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1225
Fixed a bug causing some text to be truncated when converting from UTF-16.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1232
Fixed assorted complaints identified by Coverity static analysis.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1237
Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Added the new ‘valhalla’ database name to the list of optional databases in preparation for future work.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Silenced a warning “Unexpected early end-of-file” that occured when scanning some PNG files.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1216
Security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
It was discovered that nghttp2 incorrectly handled the HTTP/2
implementation. A remote attacker could possibly use this issue to cause
nghttp2 to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511,
CVE-2019-9513)
It was discovered that nghttp2 incorrectly handled request cancellation. A
remote attacker could possibly use this issue to cause nghttp2 to consume
resources, leading to a denial of service. This issue only affected Ubuntu
16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487)
It was discovered that nghttp2 could be made to process an unlimited number
of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this
issue to cause nghttp2 to consume resources, leading to a denial of
service. (CVE-2024-28182)
Thomas Neil James Shadwell discovered that CryptoJS was using an insecure
cryptographic default configuration. A remote attacker could possibly use
this issue to expose sensitive information.