[SECURITY] Fedora EPEL 9 Update: golang-x-crypto-0.18.0-1.el9

Wed, 17 Jan 2024 16:45:40 -0800 

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2024-e21a9204d2
2024-01-18 00:43:48.432099
--------------------------------------------------------------------------------

Name        : golang-x-crypto
Product     : Fedora EPEL 9
Version     : 0.18.0
Release     : 1.el9
URL         : https://github.com/golang/crypto
Summary     : Go supplementary cryptography libraries
Description :
Go supplementary cryptography libraries.

--------------------------------------------------------------------------------
Update Information:

Update golang-x-crypto to v0.18.0, fix for CVE-2023-48795
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan  9 2024 Mark E. Fuller <[email protected]> - 0.18.0-1
- restore acme/autocert on epel9 and update to v0.18.0, close rhbz#2255095
  - CVE-2023-48795 golang-x-crypto: ssh: Prefix truncation attack on Binary
  Packet Protocol
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2255066 - CVE-2023-48795 golang-x-crypto: ssh: Prefix truncation 
attack on Binary Packet Protocol (BPP) [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2255066
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update golang-x-crypto' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
epel-package-announce mailing list -- 
[email protected]
To unsubscribe send an email to 
[email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to