You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa mbedtls

Sigurnosni nedostatak programskog paketa mbedtls

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2020-48a1ae610c
2020-09-16 14:39:25.892351
——————————————————————————–

Name : mbedtls
Product : Fedora 31
Version : 2.16.8
Release : 1.fc31
URL : https://tls.mbed.org/
Summary : Light-weight cryptographic and SSL/TLS library
Description :
Mbed TLS is a light-weight open source cryptographic and SSL/TLS
library written in C. Mbed TLS makes it easy for developers to include
cryptographic and SSL/TLS capabilities in their (embedded)
applications with as little hassle as possible.
FOSS License Exception: https://tls.mbed.org/foss-license-exception

——————————————————————————–
Update Information:

– Update to 2.16.8
——————————————————————————–
ChangeLog:

* Tue Sep 8 2020 Morten Stevens <mstevens@fedoraproject.org> – 2.16.8-1
– Update to 2.16.8
* Thu Aug 20 2020 Morten Stevens <mstevens@fedoraproject.org> – 2.16.7-4
– Switch to cmake_build, cmake_install and ctest
– FTBFS in Fedora rawhide/f33 (#1864124)
* Sat Aug 1 2020 Fedora Release Engineering <releng@fedoraproject.org> – 2.16.7-3
– Second attempt – Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> – 2.16.7-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
——————————————————————————–
References:

[ 1 ] Bug #1875047 – CVE-2020-16150 mbedtls: local side channel attack on classical CBC decryption in (D)TLS
https://bugzilla.redhat.com/show_bug.cgi?id=1875047
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-48a1ae610c’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorBruno Varga
Cert idNCERT-REF-2020-09-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak jezgre operacijskog sustava

Otkriven je sigurnosni nedostatak jezgre operacijskog sustava Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje se ažuriranje izdanim...

Close