drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in syncthing
Name: |
Denial of Service in syncthing |
|
ID: |
FEDORA-2024-c46536abe6 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 39 |
|
Datum: |
Mi, 21. Februar 2024, 06:31 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49295 |
|
Applikationen: |
syncthing |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2024-c46536abe6 2024-02-21 01:31:44.025637 ------------------------------------------------------------------------------- -
Name : syncthing Product : Fedora 39 Version : 1.27.3 Release : 1.fc39 URL : https://syncthing.net Summary : Continuous File Synchronization Description : Syncthing replaces other file synchronization services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet. Using syncthing, that control is returned to you.
This package contains the syncthing client binary and systemd services.
------------------------------------------------------------------------------- - Update Information:
Update to version 1.27.3. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3 This update also addresses CVE-2023-49295 in quic-go: https://github.com/quic- go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf ------------------------------------------------------------------------------- - ChangeLog:
* Mon Feb 12 2024 Fabio Valentini <decathorpe@gmail.com> - 1.27.3-1 - Update to version 1.27.3; Fixes RHBZ#2263121 * Sun Feb 11 2024 Maxwell G <maxwell@gtmx.me> - 1.27.2-3 - Rebuild for golang 1.22.0 * Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.27.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #2257833 - CVE-2023-49295 syncthing: quic-go: memory exhaustion attack against QUIC's path validation mechanism [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2257833 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-c46536abe6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
|
|
|
|