Kernel, Liblas, FreeIPA, EDK2 updates for Fedora

Fedora Linux 8573 Published 2024-03-13 08:03 by Philipp Esselbach

News

The following updates have been released for Fedora Linux:

Fedora 38 Update: kernel-6.7.9-100.fc38
Fedora 38 Update: liblas-1.8.2-0.12.gitf1da555.fc38
Fedora 38 Update: freeipa-4.10.3-2.fc38
Fedora 39 Update: kernel-6.7.9-200.fc39
Fedora 39 Update: liblas-1.8.2-0.12.gitf1da555.fc39
Fedora 39 Update: freeipa-4.11.1-2.fc39
Fedora 39 Update: edk2-20240214-2.fc39

Fedora 38 Update: kernel-6.7.9-100.fc38

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-5db5954a5e
2024-03-13 01:47:46.880728
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 38
Version : 6.7.9
Release : 100.fc38
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.7.9 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 6 2024 Augusto Caringi [acaringi@redhat.com] [6.7.9-0]
- Add some CVE fixes for 6.7.9 (Justin M. Forbes)
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu)
- Linux v6.7.9
* Sun Mar 3 2024 Justin M. Forbes [jforbes@fedoraproject.org] [6.7.8-0]
- Linux v6.7.8
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2267701 - CVE-2024-22099 kernel: NULL Pointer dereference bluetooth allows Overflow Buffers
https://bugzilla.redhat.com/show_bug.cgi?id=2267701
[ 2 ] Bug #2267721 - CVE-2024-26622 kernel: tomoyo: fix UAF write bug in tomoyo_write_control()
https://bugzilla.redhat.com/show_bug.cgi?id=2267721
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-5db5954a5e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--

Fedora 38 Update: liblas-1.8.2-0.12.gitf1da555.fc38

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ef8c8a8b37
2024-03-13 01:47:46.880624
--------------------------------------------------------------------------------

Name : liblas
Product : Fedora 38
Version : 1.8.2
Release : 0.12.gitf1da555.fc38
URL : https://www.liblas.org
Summary : Library for reading and writing the very common LAS LiDAR format
Description :
libLAS is a C/C++ library for reading and writing the very common LAS LiDAR
format. The ASPRS LAS format is a sequential binary format used to store
data from LiDAR sensors and by LiDAR processing software for data
interchange and archival.

--------------------------------------------------------------------------------
Update Information:

Update to git f1da555, fixes CVE-2024-27507.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 4 2024 Sandro Mani [manisandro@gmail.com] - 1.8.2-0.12.gitf1da555
- Update to git f1da555, fixes CVE-2024-27507
* Thu Jan 25 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.2-0.11.gitded4637
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.2-0.10.gitded4637
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jan 18 2024 Jonathan Wakely [jwakely@redhat.com] - 1.8.2-0.9.gitded4637
- Rebuilt for Boost 1.83
* Wed Nov 15 2023 Sandro Mani [manisandro@gmail.com] - 1.8.2-0.8.gitded4637
- Rebuild (gdal)
* Thu Jul 20 2023 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.2-0.7.gitded4637
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu May 11 2023 Sandro Mani [manisandro@gmail.com] - 1.8.2-0.6.gitded4637
- Rebuild (gdal)
* Mon Feb 20 2023 Jonathan Wakely [jwakely@redhat.com] - 1.8.2-0.5.gitded4637
- Rebuilt for Boost 1.81
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2266402 - TRIAGE CVE-2024-27507 liblas: memory leak may lead to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2266402
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ef8c8a8b37' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--

Fedora 38 Update: freeipa-4.10.3-2.fc38

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-bbfef02415
2024-03-13 01:47:46.880598
--------------------------------------------------------------------------------

Name : freeipa
Product : Fedora 38
Version : 4.10.3
Release : 2.fc38
URL : http://www.freeipa.org/
Summary : The Identity, Policy and Audit system
Description :
IPA is an integrated solution to provide centrally managed Identity (users,
hosts, services), Authentication (SSO, 2FA), and Authorization
(host access control, SELinux user roles, services). The solution provides
features for further integration with Linux based clients (SUDO, automount)
and integration with Active Directory based infrastructures (Trusts).

--------------------------------------------------------------------------------
Update Information:

Security release: CVE-2024-1481
Resolves: rhbz#2265129
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 21 2024 Rob Crittenden [rcritten@redhat.com] - 4.10.3-2
- Security release: CVE-2024-1481
- Resolves: rhbz#2265129
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2265129 - TRIAGE CVE-2024-1481 freeipa: specially crafted HTTP requests potentially lead to DoS or data exposure [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2265129
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-bbfef02415' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--

Fedora 39 Update: kernel-6.7.9-200.fc39

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-f797f1540e
2024-03-13 01:22:43.441080
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 39
Version : 6.7.9
Release : 200.fc39
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.7.9 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 6 2024 Augusto Caringi [acaringi@redhat.com] [6.7.9-0]
- Add some CVE fixes for 6.7.9 (Justin M. Forbes)
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu)
- Linux v6.7.9
* Sun Mar 3 2024 Justin M. Forbes [jforbes@fedoraproject.org] [6.7.8-0]
- Linux v6.7.8
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2267701 - CVE-2024-22099 kernel: NULL Pointer dereference bluetooth allows Overflow Buffers
https://bugzilla.redhat.com/show_bug.cgi?id=2267701
[ 2 ] Bug #2267721 - CVE-2024-26622 kernel: tomoyo: fix UAF write bug in tomoyo_write_control()
https://bugzilla.redhat.com/show_bug.cgi?id=2267721
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-f797f1540e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--

Fedora 39 Update: liblas-1.8.2-0.12.gitf1da555.fc39

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-34301311f8
2024-03-13 01:22:43.440886
--------------------------------------------------------------------------------

Name : liblas
Product : Fedora 39
Version : 1.8.2
Release : 0.12.gitf1da555.fc39
URL : https://www.liblas.org
Summary : Library for reading and writing the very common LAS LiDAR format
Description :
libLAS is a C/C++ library for reading and writing the very common LAS LiDAR
format. The ASPRS LAS format is a sequential binary format used to store
data from LiDAR sensors and by LiDAR processing software for data
interchange and archival.

--------------------------------------------------------------------------------
Update Information:

Update to git f1da555, fixes CVE-2024-27507.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 4 2024 Sandro Mani [manisandro@gmail.com] - 1.8.2-0.12.gitf1da555
- Update to git f1da555, fixes CVE-2024-27507
* Thu Jan 25 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.2-0.11.gitded4637
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1.8.2-0.10.gitded4637
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jan 18 2024 Jonathan Wakely [jwakely@redhat.com] - 1.8.2-0.9.gitded4637
- Rebuilt for Boost 1.83
* Wed Nov 15 2023 Sandro Mani [manisandro@gmail.com] - 1.8.2-0.8.gitded4637
- Rebuild (gdal)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2266402 - TRIAGE CVE-2024-27507 liblas: memory leak may lead to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2266402
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-34301311f8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--

Fedora 39 Update: freeipa-4.11.1-2.fc39

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-826453ad39
2024-03-13 01:22:43.440818
--------------------------------------------------------------------------------

Name : freeipa
Product : Fedora 39
Version : 4.11.1
Release : 2.fc39
URL : http://www.freeipa.org/
Summary : The Identity, Policy and Audit system
Description :
IPA is an integrated solution to provide centrally managed Identity (users,
hosts, services), Authentication (SSO, 2FA), and Authorization
(host access control, SELinux user roles, services). The solution provides
features for further integration with Linux based clients (SUDO, automount)
and integration with Active Directory based infrastructures (Trusts).

--------------------------------------------------------------------------------
Update Information:

Security release: CVE-2024-1481
Resolves: rhbz#2265129
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 21 2024 Rob Crittenden [rcritten@redhat.com] - 4.11.1-2
- Security release: CVE-2024-1481
- Resolves: rhbz#2265129
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2265129 - TRIAGE CVE-2024-1481 freeipa: specially crafted HTTP requests potentially lead to DoS or data exposure [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2265129
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-826453ad39' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--

Fedora 39 Update: edk2-20240214-2.fc39

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-a9dead34c5
2024-03-13 01:22:43.440810
--------------------------------------------------------------------------------

Name : edk2
Product : Fedora 39
Version : 20240214
Release : 2.fc39
URL : http://www.tianocore.org
Summary : UEFI firmware for 64-bit virtual machines
Description :
EDK II is a modern, feature-rich, cross-platform firmware development
environment for the UEFI and PI specifications. This package contains sample
64-bit UEFI firmware builds for QEMU and KVM.

--------------------------------------------------------------------------------
Update Information:

update to edk2-stable202402
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 26 2024 Gerd Hoffmann [kraxel@redhat.com] - 20240214-2
- switch pcr predition to systemd-pcrlock format
* Mon Feb 26 2024 Gerd Hoffmann [kraxel@redhat.com] - 20240214-1
- update to edk2-stable202402
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2257587 - CVE-2022-36764 edk2: heap buffer overflow in Tcg2MeasurePeImage() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257587
[ 2 ] Bug #2257588 - CVE-2022-36763 edk2: heap buffer overflow in Tcg2MeasureGptTable() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257588
[ 3 ] Bug #2257589 - CVE-2022-36765 edk2: integer overflow in CreateHob() could lead to HOB OOB R/W [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257589
[ 4 ] Bug #2258679 - CVE-2023-4522 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258679
[ 5 ] Bug #2258687 - CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258687
[ 6 ] Bug #2258690 - CVE-2023-45231 edk2: Out of Bounds read when handling a ND Redirect message with truncated options [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258690
[ 7 ] Bug #2258693 - CVE-2023-45232 edk2: Infinite loop when parsing unknown options in the Destination Options header [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258693
[ 8 ] Bug #2258696 - CVE-2023-45233 edk2: Infinite loop when parsing a PadN option in the Destination Options header [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258696
[ 9 ] Bug #2258699 - CVE-2023-45234 edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258699
[ 10 ] Bug #2258701 - CVE-2023-45235 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258701
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-a9dead34c5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--

Docker, Kernel, Kpatch-Patch updates for RHEL

PostgreSQL, GIMP, NodeJS, and more updates for Rocky Linux

Kernel, Liblas, FreeIPA, EDK2 updates for Fedora

Fedora 38 Update: kernel-6.7.9-100.fc38

Fedora 38 Update: liblas-1.8.2-0.12.gitf1da555.fc38

Fedora 38 Update: freeipa-4.10.3-2.fc38

Fedora 39 Update: kernel-6.7.9-200.fc39

Fedora 39 Update: liblas-1.8.2-0.12.gitf1da555.fc39

Fedora 39 Update: freeipa-4.11.1-2.fc39

Fedora 39 Update: edk2-20240214-2.fc39

Windows

Linux

macOS

Community