Fedora Linux 8546 Published by

The following updates are available for Fedora Linux:

Fedora 38 Update: tcpreplay-4.4.4-5.fc38
Fedora 38 Update: kubernetes-1.26.15-1.fc38
Fedora 38 Update: clojure-1.11.2-1.fc38
Fedora 39 Update: tcpreplay-4.4.4-5.fc39
Fedora 39 Update: clojure-1.11.2-1.fc39




Fedora 38 Update: tcpreplay-4.4.4-5.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-b3b2a95168
2024-03-24 01:35:11.754564
--------------------------------------------------------------------------------

Name : tcpreplay
Product : Fedora 38
Version : 4.4.4
Release : 5.fc38
URL : http://tcpreplay.appneta.com/
Summary : Replay captured network traffic
Description :
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.

--------------------------------------------------------------------------------
Update Information:

Patch CVE-2023-4256 and CVE-2023-43279
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 16 2024 Bojan Smojver - 4.4.1-5
- Patch CVE-2023-4256
* Sat Mar 16 2024 Bojan Smojver - 4.4.1-4
- Patch CVE-2023-43279
* Sat Jan 27 2024 Fedora Release Engineering [releng@fedoraproject.org] - 4.4.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering [releng@fedoraproject.org] - 4.4.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2255213 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2255213
[ 2 ] Bug #2255214 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2255214
[ 3 ] Bug #2269309 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2269309
[ 4 ] Bug #2269310 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2269310
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-b3b2a95168' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 38 Update: kubernetes-1.26.15-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-5bae6c0ea7
2024-03-24 01:35:11.754526
--------------------------------------------------------------------------------

Name : kubernetes
Product : Fedora 38
Version : 1.26.15
Release : 1.fc38
URL : https://k8s.io/kubernetes
Summary : Container cluster management
Description :
Container cluster management

--------------------------------------------------------------------------------
Update Information:

Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786.
Kubernetes is now built with go 1.21.8.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 15 2024 Bradley G Smith [bradley.g.smith@gmail.com] - 1.26.15-1
- Update to v1.26.14 for F38
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-5bae6c0ea7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 38 Update: clojure-1.11.2-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-91dab41dfa
2024-03-24 01:35:11.754500
--------------------------------------------------------------------------------

Name : clojure
Product : Fedora 38
Version : 1.11.2
Release : 1.fc38
URL : http://clojure.org/
Summary : A dynamic programming language that targets the Java Virtual Machine
Description :
Clojure is a dynamic programming language that targets the Java
Virtual Machine. It is designed to be a general-purpose language,
combining the approachability and interactive development of a
scripting language with an efficient and robust infrastructure for
multithreaded programming. Clojure is a compiled language - it
compiles directly to JVM bytecode, yet remains completely
dynamic. Every feature supported by Clojure is supported at
runtime. Clojure provides easy access to the Java frameworks, with
optional type hints and type inference, to ensure that calls to Java
can avoid reflection.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-22871
Update to upstream release 1.11.2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 15 2024 Markku Korkeala [markku.korkeala@iki.fi] - 1:1.11.2-1
- Update to upstream release 1.11.2
* Wed Jan 24 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1:1.11.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1:1.11.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering [releng@fedoraproject.org] - 1:1.11.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2266785 - CVE-2024-22871 clojure: denial of service (DoS) via the clojure.core$partial$fn__5920 function.
https://bugzilla.redhat.com/show_bug.cgi?id=2266785
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-91dab41dfa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 39 Update: tcpreplay-4.4.4-5.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ec1fba69c2
2024-03-24 01:05:50.706342
--------------------------------------------------------------------------------

Name : tcpreplay
Product : Fedora 39
Version : 4.4.4
Release : 5.fc39
URL : http://tcpreplay.appneta.com/
Summary : Replay captured network traffic
Description :
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay
supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep
a tool to pre-process capture files to allow increased performance under
certain conditions as well as capinfo which provides basic information about
capture files.

--------------------------------------------------------------------------------
Update Information:

Patch CVE-2023-4256 and CVE-2023-43279
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 16 2024 Bojan Smojver - 4.4.1-5
- Patch CVE-2023-4256
* Sat Mar 16 2024 Bojan Smojver - 4.4.1-4
- Patch CVE-2023-43279
* Sat Jan 27 2024 Fedora Release Engineering [releng@fedoraproject.org] - 4.4.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2255213 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2255213
[ 2 ] Bug #2255214 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2255214
[ 3 ] Bug #2269309 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2269309
[ 4 ] Bug #2269310 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2269310
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ec1fba69c2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 39 Update: clojure-1.11.2-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-270cd506bb
2024-03-24 01:05:50.706295
--------------------------------------------------------------------------------

Name : clojure
Product : Fedora 39
Version : 1.11.2
Release : 1.fc39
URL : http://clojure.org/
Summary : A dynamic programming language that targets the Java Virtual Machine
Description :
Clojure is a dynamic programming language that targets the Java
Virtual Machine. It is designed to be a general-purpose language,
combining the approachability and interactive development of a
scripting language with an efficient and robust infrastructure for
multithreaded programming. Clojure is a compiled language - it
compiles directly to JVM bytecode, yet remains completely
dynamic. Every feature supported by Clojure is supported at
runtime. Clojure provides easy access to the Java frameworks, with
optional type hints and type inference, to ensure that calls to Java
can avoid reflection.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-22871
Update to upstream release 1.11.2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 15 2024 Markku Korkeala [markku.korkeala@iki.fi] - 1:1.11.2-1
- Update to upstream release 1.11.2
* Wed Jan 24 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1:1.11.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1:1.11.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2266785 - CVE-2024-22871 clojure: denial of service (DoS) via the clojure.core$partial$fn__5920 function.
https://bugzilla.redhat.com/show_bug.cgi?id=2266785
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-270cd506bb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--