- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2020-13edfc3215
2020-11-03 00:57:50.584833
——————————————————————————–
Name : fastd
Product : Fedora 33
Version : 21
Release : 1.fc33
URL : https://protect2.fireeye.com/v1/url?k=c291e586-9d0dff98-c296784a-000babd90757-e3af5516d2eef7f6&q=1&e=d8cb6758-b57e-457f-a770-0b1d66a6e71e&u=https%3A%2F%2Fgithub.com%2FNeoRaider%2Ffastd%2Fwiki
Summary : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:
– Very small binary (about 100KB on OpenWRT in the default configuration,
including all dependencies besides libc)
– Exchangable crypto methods
– Transport over UDP for simple usage behind NAT
– Can run in 1:1 and 1:n scenarios
– There are no server and client roles defined by the protocol, this is just
defined by the usage.
– Only one instance of the daemon is needed on each host to create a full mesh
If no full mesh is established, a routing protocol is necessary to enable
hosts that are not connected directly to reach each other
——————————————————————————–
Update Information:
Fix for CVE-2020-27638
——————————————————————————–
ChangeLog:
* Fri Oct 23 2020 Felix Kaechele <felix@kaechele.ca> – 21-1
– update to 21
– fixes CVE-2020-27638
——————————————————————————–
References:
[ 1 ] Bug #1887118 – fastd-21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1887118
[ 2 ] Bug #1890968 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1890968
[ 3 ] Bug #1890969 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1890969
[ 4 ] Bug #1890970 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1890970
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-13edfc3215’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=79365d21-26aa473f-7931c0ed-000babd90757-50a93d849a6089ab&q=1&e=d8cb6758-b57e-457f-a770-0b1d66a6e71e&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2020-01dc2bc62c
2020-11-03 01:20:46.180194
——————————————————————————–
Name : fastd
Product : Fedora 31
Version : 21
Release : 1.fc31
URL : https://protect2.fireeye.com/v1/url?k=d47ed37e-8be2c960-d4794eb2-000babd90757-1ffdcb0032225ada&q=1&e=99fbc316-0cbe-4ff4-8bd7-9fe5c27212d3&u=https%3A%2F%2Fgithub.com%2FNeoRaider%2Ffastd%2Fwiki
Summary : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:
– Very small binary (about 100KB on OpenWRT in the default configuration,
including all dependencies besides libc)
– Exchangable crypto methods
– Transport over UDP for simple usage behind NAT
– Can run in 1:1 and 1:n scenarios
– There are no server and client roles defined by the protocol, this is just
defined by the usage.
– Only one instance of the daemon is needed on each host to create a full mesh
If no full mesh is established, a routing protocol is necessary to enable
hosts that are not connected directly to reach each other
——————————————————————————–
Update Information:
Fix for CVE-2020-27638
——————————————————————————–
ChangeLog:
* Fri Oct 23 2020 Felix Kaechele <felix@kaechele.ca> – 21-1
– update to 21
– fixes CVE-2020-27638
——————————————————————————–
References:
[ 1 ] Bug #1887118 – fastd-21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1887118
[ 2 ] Bug #1890968 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1890968
[ 3 ] Bug #1890969 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1890969
[ 4 ] Bug #1890970 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1890970
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-01dc2bc62c’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=decb65d8-81577fc6-deccf814-000babd90757-d2f22d90dc650704&q=1&e=99fbc316-0cbe-4ff4-8bd7-9fe5c27212d3&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2020-495c14a23f
2020-11-03 01:29:14.893145
——————————————————————————–
Name : fastd
Product : Fedora 32
Version : 21
Release : 1.fc32
URL : https://protect2.fireeye.com/v1/url?k=1dd1a978-424db366-1dd634b4-000babd90757-466ca066c07f5e34&q=1&e=dfd06f3c-75a4-44b9-8516-53286b6fe140&u=https%3A%2F%2Fgithub.com%2FNeoRaider%2Ffastd%2Fwiki
Summary : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:
– Very small binary (about 100KB on OpenWRT in the default configuration,
including all dependencies besides libc)
– Exchangable crypto methods
– Transport over UDP for simple usage behind NAT
– Can run in 1:1 and 1:n scenarios
– There are no server and client roles defined by the protocol, this is just
defined by the usage.
– Only one instance of the daemon is needed on each host to create a full mesh
If no full mesh is established, a routing protocol is necessary to enable
hosts that are not connected directly to reach each other
——————————————————————————–
Update Information:
Fix for CVE-2020-27638
——————————————————————————–
ChangeLog:
* Fri Oct 23 2020 Felix Kaechele <felix@kaechele.ca> – 21-1
– update to 21
– fixes CVE-2020-27638
——————————————————————————–
References:
[ 1 ] Bug #1887118 – fastd-21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1887118
[ 2 ] Bug #1890968 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1890968
[ 3 ] Bug #1890969 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1890969
[ 4 ] Bug #1890970 – CVE-2020-27638 fastd: DoS’able memory leak on invalid packets [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1890970
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-495c14a23f’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=658e8674-3a129c6a-65891bb8-000babd90757-0960587cb3872571&q=1&e=dfd06f3c-75a4-44b9-8516-53286b6fe140&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
| Autor | Bruno Varga |
| Cert id | NCERT-REF-2020-11-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
