Fedora alert FEDORA-2023-cc21019773 (rust-ybaas)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 38 Update: rust-ybaas-0.0.10-7.fc38 | |
| Date: | Sun, 07 May 2023 01:24:29 +0000 | |
| Message-ID: | <20230507012429.9BDEA20CB0D3@bastion01.iad2.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-cc21019773 2023-05-07 01:19:58.787245 -------------------------------------------------------------------------------- Name : rust-ybaas Product : Fedora 38 Version : 0.0.10 Release : 7.fc38 URL : https://crates.io/crates/ybaas Summary : Yubibomb as a service Description : Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Don't want the complexity of installing and using the yubibomb CLI tool? Now you can use yubibomb as a service! -------------------------------------------------------------------------------- Update Information: Recent updates for the `tokio`, `h2`, and `openssl` crates addressed some (potential or confirmed) security or soundness issues: - `tokio`: [RUSTSEC-2023-0005](https://rustsec.org/advisories/RUSTSEC-2023-0005.html) - `h2`: [RUSTSEC-2023-0034](https://rustsec.org/advisories/RUSTSEC-2023-0034.html) / [CVE-2023-26964](https://nvd.nist.gov/vuln/detail/CVE-2023-26964) - `openssl`: [RUSTSEC-2023-0022](https://rustsec.org/advisories/RUSTSEC-2023-0022.html), [RUSTSEC-2023-0023](https://rustsec.org/advisories/RUSTSEC-2023-0023.html), [RUSTSEC-2023-0024](https://rustsec.org/advisories/RUSTSEC-2023-0024.html) This update contains rebuilds of all affected applications against the latest versions of these crates, which have addressed all linked issues. -------------------------------------------------------------------------------- ChangeLog: * Wed May 3 2023 Fabio Valentini <decathorpe@gmail.com> - 0.0.10-7 - Rebuild with h2 >= v0.3.18 and tokio >= v1.24.2 (RUSTSEC-2023-{0005,0034}) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-cc21019773' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue