--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2024-3672733748
2024-11-29 00:42:12.626814+00:00
--------------------------------------------------------------------------------

Name        : rust-zlib-rs
Product     : Fedora EPEL 9
Version     : 0.4.0
Release     : 1.el9
URL         : https://crates.io/crates/zlib-rs
Summary     : Memory-safe zlib implementation written in rust
Description :
A memory-safe zlib implementation written in rust.

--------------------------------------------------------------------------------
Update Information:

Update the rustls crate to version 0.23.17.
Update the zlib-rs crate to version 0.4.0.
The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 (stack overflow
during decompression with malicious input). This issue had no actual impact in
Fedora, because no applications yet use the the zlib-rs feature of rustls and
rustls is the only dependent package of zlib-rs.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 20 2024 Benjamin A. Beasley <c...@musicinmybrain.net> - 0.4.0-1
- Update to version 0.4.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2326411 - CVE-2024-11249 rust-zlib-rs: zlib-rs stack overflow 
during decompression with malicious input [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2326411
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update rust-zlib-rs' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

-- 
_______________________________________________
epel-package-announce mailing list -- 
epel-package-announce@lists.fedoraproject.org
To unsubscribe send an email to 
epel-package-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-package-announce@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to