Fedora alert FEDORA-2025-f8be7978e3 (keyring-ima-signer)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 41 Update: keyring-ima-signer-0.1.0-17.fc41 | |
| Date: | Sat, 08 Feb 2025 02:18:30 +0000 | |
| Message-ID: | <20250208021830.1E6A5204866B@bastion01.iad2.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-f8be7978e3 2025-02-08 02:15:29.328151+00:00 -------------------------------------------------------------------------------- Name : keyring-ima-signer Product : Fedora 41 Version : 0.1.0 Release : 17.fc41 URL : https://github.com/fedora-iot/keyring-ima-signer/ Summary : An IMA file signing tool using the kernel keyring Description : The IMA (Integrity Measurement Architecture) is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts (TPM). This tool allows signing of files in userspace, inclusding options of including the signature in xattr or a .sig file, using signing keys stored in the kernel keyring to ensure they're not recoverable. -------------------------------------------------------------------------------- Update Information: Update the openssl crate to version 0.10.70 and the openssl-sys crate to version 0.9.105. This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all packages that statically link the openssl crate. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 6 2025 Fabio Valentini <decathorpe@gmail.com> - 0.1.0-17 - Rebuild for openssl crate >= v0.10.70 (RUSTSEC-2025-0004) * Fri Jan 17 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.0-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2343479 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2343479 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f8be7978e3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue