Fedora Linux 8758 Published by

Fedora Linux has been updated with security enhancements, including python-virtualenv and dnsdist to bolster security measures:

Fedora 40 Update: python-virtualenv-20.21.1-25.fc40
Fedora 40 Update: dnsdist-1.9.7-1.fc40
Fedora 39 Update: python-virtualenv-20.21.1-25.fc39
Fedora 39 Update: dnsdist-1.9.7-1.fc39




[SECURITY] Fedora 40 Update: python-virtualenv-20.21.1-25.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-112e897674
2024-10-17 01:35:15.069868
--------------------------------------------------------------------------------

Name : python-virtualenv
Product : Fedora 40
Version : 20.21.1
Release : 25.fc40
URL : http://pypi.python.org/pypi/virtualenv
Summary : Tool to create isolated Python environments
Description :
virtualenv is a tool to create isolated Python environments. virtualenv
is a successor to workingenv, and an extension of virtual-python. It is
written by Ian Bicking, and sponsored by the Open Planning Project. It is
licensed under an MIT-style permissive license.

--------------------------------------------------------------------------------
Update Information:

Prevent command injection by quoting template strings in activation scripts
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 8 2024 Lumir Balhar [lbalhar@redhat.com] - 20.21.1-25
- Make tests with Python 2.7 optional
* Tue Oct 8 2024 Lumir Balhar [lbalhar@redhat.com] - 20.21.1-24
- Prevent command injection by quoting template strings in activation
scripts
* Thu Aug 8 2024 Benjamin A. Beasley [code@musicinmybrain.net] - 20.21.1-22
- Backport a builtin interpreter discovery fix
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 20.21.1-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jun 8 2024 Python Maint - 20.21.1-20
- Rebuilt for Python 3.13
* Fri Jun 7 2024 Python Maint - 20.21.1-19
- Bootstrap for Python 3.13
* Tue Apr 16 2024 Karolina Surma [ksurma@redhat.com] - 20.21.1-18
- Update Python 3.13 compat patch: 3.13.0a6 renamed pathmod to parser
* Thu Apr 11 2024 Lumir Balhar [lbalhar@redhat.com] - 20.21.1-17
- Fix compatibility with pytest 8
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-112e897674' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: dnsdist-1.9.7-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4ffc26d8cb
2024-10-17 01:35:15.069798
--------------------------------------------------------------------------------

Name : dnsdist
Product : Fedora 40
Version : 1.9.7
Release : 1.fc40
URL : https://dnsdist.org
Summary : Highly DNS-, DoS- and abuse-aware loadbalancer
Description :
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life
is to route traffic to the best server, delivering top performance to
legitimate users while shunting or blocking abusive traffic.

--------------------------------------------------------------------------------
Update Information:

Update to latest upstream
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 4 2024 Sander Hoentjen [shoentjen@antagonist.nl] - 1.9.7-1
- Update to 1.9.7
* Thu Jul 25 2024 Sander Hoentjen [shoentjen@antagonist.nl] - 1.9.6-1
- update to 1.9.6
- Closes #2293523
* Mon May 13 2024 Sander Hoentjen [shoentjen@antagonist.nl] - 1.9.4-1
- Update to 1.9.4
- Fixes CVE-2024-25581
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2280229 - CVE-2024-25581 dnsdist: Transfer requests received over DoH can lead to a denial of service in DNSdist [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2280229
[ 2 ] Bug #2293523 - dnsdist-1.9.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2293523
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4ffc26d8cb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: python-virtualenv-20.21.1-25.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-f7d6b76677
2024-10-17 01:23:55.852346
--------------------------------------------------------------------------------

Name : python-virtualenv
Product : Fedora 39
Version : 20.21.1
Release : 25.fc39
URL : http://pypi.python.org/pypi/virtualenv
Summary : Tool to create isolated Python environments
Description :
virtualenv is a tool to create isolated Python environments. virtualenv
is a successor to workingenv, and an extension of virtual-python. It is
written by Ian Bicking, and sponsored by the Open Planning Project. It is
licensed under an MIT-style permissive license.

--------------------------------------------------------------------------------
Update Information:

Prevent command injection by quoting template strings in activation scripts
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 8 2024 Lumir Balhar [lbalhar@redhat.com] - 20.21.1-25
- Make tests with Python 2.7 optional
* Tue Oct 8 2024 Lumir Balhar [lbalhar@redhat.com] - 20.21.1-24
- Prevent command injection by quoting template strings in activation
scripts
* Thu Aug 8 2024 Benjamin A. Beasley [code@musicinmybrain.net] - 20.21.1-22
- Backport a builtin interpreter discovery fix
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 20.21.1-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sat Jun 8 2024 Python Maint - 20.21.1-20
- Rebuilt for Python 3.13
* Fri Jun 7 2024 Python Maint - 20.21.1-19
- Bootstrap for Python 3.13
* Tue Apr 16 2024 Karolina Surma [ksurma@redhat.com] - 20.21.1-18
- Update Python 3.13 compat patch: 3.13.0a6 renamed pathmod to parser
* Thu Apr 11 2024 Lumir Balhar [lbalhar@redhat.com] - 20.21.1-17
- Fix compatibility with pytest 8
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-f7d6b76677' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: dnsdist-1.9.7-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4d68c5928c
2024-10-17 01:23:55.852300
--------------------------------------------------------------------------------

Name : dnsdist
Product : Fedora 39
Version : 1.9.7
Release : 1.fc39
URL : https://dnsdist.org
Summary : Highly DNS-, DoS- and abuse-aware loadbalancer
Description :
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life
is to route traffic to the best server, delivering top performance to
legitimate users while shunting or blocking abusive traffic.

--------------------------------------------------------------------------------
Update Information:

Update to latest upstream
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 4 2024 Sander Hoentjen [shoentjen@antagonist.nl] - 1.9.7-1
- Update to 1.9.7
* Thu Jul 25 2024 Sander Hoentjen [shoentjen@antagonist.nl] - 1.9.6-1
- update to 1.9.6
- Closes #2293523
* Mon May 13 2024 Sander Hoentjen [shoentjen@antagonist.nl] - 1.9.4-1
- Update to 1.9.4
- Fixes CVE-2024-25581
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2280229 - CVE-2024-25581 dnsdist: Transfer requests received over DoH can lead to a denial of service in DNSdist [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2280229
[ 2 ] Bug #2293523 - dnsdist-1.9.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2293523
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4d68c5928c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--