Fedora alert FEDORA-2025-6f6043cb99 (zsync)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 42 Update: zsync-0.6.2-3.fc42 | |
| Date: | Fri, 23 May 2025 03:26:27 +0000 | |
| Message-ID: | <20250523032627.9A79C2033D0B@bastion01.iad2.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6f6043cb99 2025-05-23 03:24:17.285913+00:00 -------------------------------------------------------------------------------- Name : zsync Product : Fedora 42 Version : 0.6.2 Release : 3.fc42 URL : http://zsync.moria.org.uk/ Summary : a file transfer program using the same algorithm as rsync over HTTP Description : zsync is a file transfer program. It allows you to download a file from a remote server, where you have a copy of an older version of the file on your computer already. zsync downloads only the new parts of the file. It uses the same algorithm as rsync. However, where rsync is designed for synchronising data from one computer to another within an organisation, zsync is designed for file distribution, with one file on a server to be distributed to thousands of downloaders. zsync requires no special server software - just a web server to host the files - and imposes no extra load on the server, making it ideal for large scale file distribution. -------------------------------------------------------------------------------- Update Information: fix zlib source path in patch file -------------------------------------------------------------------------------- ChangeLog: * Thu May 15 2025 Tobias Girstmair <t-fedora@girst.at> - 0.6.2-3 - fix zlib source path in patch file * Thu May 15 2025 Tobias Girstmair <t-fedora@girst.at> - 0.6.2-2 - include a patch for CVE-2016-9840 (RHBZ#2366435) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366435 - CVE-2025-4638 zsync: Improper Pointer Arithmetic in pcl [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366435 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6f6043cb99' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue