Fedora Linux 8798 Published by

The following security updates have been released for Fedora Linux:

[SECURITY] Fedora 40 Update: radare2-5.9.4-1.fc40
[SECURITY] Fedora 40 Update: iaito-5.9.4-1.fc40
[SECURITY] Fedora 39 Update: community-mysql-8.0.39-1.fc39
[SECURITY] Fedora 39 Update: radare2-5.9.4-1.fc39
[SECURITY] Fedora 39 Update: iaito-5.9.4-1.fc39




[SECURITY] Fedora 40 Update: radare2-5.9.4-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-a562addefa
2024-08-23 01:48:47.285005
--------------------------------------------------------------------------------

Name : radare2
Product : Fedora 40
Version : 5.9.4
Release : 1.fc40
URL : https://radare.org/
Summary : The reverse engineering framework
Description :
The radare2 is a reverse-engineering framework that is multi-architecture,
multi-platform, and highly scriptable. Radare2 provides a hexadecimal
editor, wrapped I/O, file system support, debugger support, diffing
between two functions or binaries, and code analysis at opcode,
basic block, and function levels.

--------------------------------------------------------------------------------
Update Information:

Bump to version 5.9.4
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 12 2024 Michal Ambroz - 5.9.4-1
- bump to 5.9.4
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed May 22 2024 Michal Ambroz - 5.9.2-1
- bump to 5.9.2
* Sat Apr 20 2024 Michal Ambroz 5.9.0-1
- bump to 5.9.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2251066 - TRIAGE CVE-2023-47016 radare2: out of bounds read in xnu kernelcache [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2251066
[ 2 ] Bug #2303807 - iaito-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303807
[ 3 ] Bug #2303875 - radare2-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303875
[ 4 ] Bug #2304300 - F40FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304300
[ 5 ] Bug #2304301 - F39FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304301
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-a562addefa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: iaito-5.9.4-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-a562addefa
2024-08-23 01:48:47.285005
--------------------------------------------------------------------------------

Name : iaito
Product : Fedora 40
Version : 5.9.4
Release : 1.fc40
URL : https://radare.org/n/iaito.html
Summary : GUI for radare2 reverse engineering framework
Description :
iaito is a Qt and C++ GUI for radare2.
It is the continuation of Cutter before the fork to keep radare2 as backend.
Its goal is making an advanced, customizable and FOSS reverse-engineering
platform while keeping the user experience at mind.
The iaito is created by reverse engineers for reverse engineers.
Focus on supporting latest version of radare2.
Recommend the use of system installed libraries/radare2.
Closer integration between r2 and the UI.

--------------------------------------------------------------------------------
Update Information:

Bump to version 5.9.4
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 12 2024 Michal Ambroz - 5.9.4-1
- bump to 5.9.4
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri May 24 2024 Michal Ambroz - 5.9.2-1
- bump to 5.9.2
* Thu May 23 2024 Michal Ambroz - 5.9.0-2
- rebuild with radare2 5.9.2
* Sun May 5 2024 Michal Ambroz - 5.9.0-1
- rebuild with radare2 5.9.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2251066 - TRIAGE CVE-2023-47016 radare2: out of bounds read in xnu kernelcache [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2251066
[ 2 ] Bug #2303807 - iaito-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303807
[ 3 ] Bug #2303875 - radare2-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303875
[ 4 ] Bug #2304300 - F40FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304300
[ 5 ] Bug #2304301 - F39FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304301
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-a562addefa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: community-mysql-8.0.39-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-c611359ae1
2024-08-23 01:23:04.730539
--------------------------------------------------------------------------------

Name : community-mysql
Product : Fedora 39
Version : 8.0.39
Release : 1.fc39
URL : http://www.mysql.com
Summary : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.

--------------------------------------------------------------------------------
Update Information:

MySQL 8.0.39
Release notes:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-38.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-39.html
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 12 2024 Michal Schorm [mschorm@redhat.com] - 8.0.39-1
- Rebase to 8.0.39
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2258841 - CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 ... community-mysql: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258841
[ 2 ] Bug #2258842 - CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 ... mysql:8.0/community-mysql: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2258842
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-c611359ae1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: radare2-5.9.4-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-3667e29b88
2024-08-23 01:23:04.730519
--------------------------------------------------------------------------------

Name : radare2
Product : Fedora 39
Version : 5.9.4
Release : 1.fc39
URL : https://radare.org/
Summary : The reverse engineering framework
Description :
The radare2 is a reverse-engineering framework that is multi-architecture,
multi-platform, and highly scriptable. Radare2 provides a hexadecimal
editor, wrapped I/O, file system support, debugger support, diffing
between two functions or binaries, and code analysis at opcode,
basic block, and function levels.

--------------------------------------------------------------------------------
Update Information:

Bump to version 5.9.4
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 12 2024 Michal Ambroz - 5.9.4-1
- bump to 5.9.4
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed May 22 2024 Michal Ambroz - 5.9.2-1
- bump to 5.9.2
* Sat Apr 20 2024 Michal Ambroz 5.9.0-1
- bump to 5.9.0
* Fri Jan 26 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.8.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.8.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Oct 26 2023 Michal Ambroz 5.8.8-3
- rebuild F40+ with capstone 5.0.1+
* Thu Oct 26 2023 Michal Ambroz 5.8.8-2
- cherrypick from upstream master patches for known vulnerabilities:
- CVE-2023-4322 - heap-buffer-overflow in the brainfuck dissassembler
- CVE-2023-5686 - heap-buffer-overflow in /radare2/shlr/java/code.c
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2251066 - TRIAGE CVE-2023-47016 radare2: out of bounds read in xnu kernelcache [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2251066
[ 2 ] Bug #2303807 - iaito-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303807
[ 3 ] Bug #2303875 - radare2-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303875
[ 4 ] Bug #2304300 - F40FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304300
[ 5 ] Bug #2304301 - F39FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304301
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-3667e29b88' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: iaito-5.9.4-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-3667e29b88
2024-08-23 01:23:04.730519
--------------------------------------------------------------------------------

Name : iaito
Product : Fedora 39
Version : 5.9.4
Release : 1.fc39
URL : https://radare.org/n/iaito.html
Summary : GUI for radare2 reverse engineering framework
Description :
iaito is a Qt and C++ GUI for radare2.
It is the continuation of Cutter before the fork to keep radare2 as backend.
Its goal is making an advanced, customizable and FOSS reverse-engineering
platform while keeping the user experience at mind.
The iaito is created by reverse engineers for reverse engineers.
Focus on supporting latest version of radare2.
Recommend the use of system installed libraries/radare2.
Closer integration between r2 and the UI.

--------------------------------------------------------------------------------
Update Information:

Bump to version 5.9.4
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 12 2024 Michal Ambroz - 5.9.4-1
- bump to 5.9.4
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri May 24 2024 Michal Ambroz - 5.9.2-1
- bump to 5.9.2
* Thu May 23 2024 Michal Ambroz - 5.9.0-2
- rebuild with radare2 5.9.2
* Sun May 5 2024 Michal Ambroz - 5.9.0-1
- rebuild with radare2 5.9.0
* Wed Jan 24 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.8.8-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jan 20 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.8.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Nov 13 2023 Michal Ambroz - 5.8.8-4
- rebuild with capstone 5.0.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2251066 - TRIAGE CVE-2023-47016 radare2: out of bounds read in xnu kernelcache [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2251066
[ 2 ] Bug #2303807 - iaito-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303807
[ 3 ] Bug #2303875 - radare2-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2303875
[ 4 ] Bug #2304300 - F40FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304300
[ 5 ] Bug #2304301 - F39FailsToInstall: iaito
https://bugzilla.redhat.com/show_bug.cgi?id=2304301
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-3667e29b88' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--