Fedora Linux 8773 Published by

A guacamole-server security update has been released for Fedora 32.



SECURITY: Fedora 32 Update: guacamole-server-1.2.0-3.fc32


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-bfde0ab889
2021-01-04 01:16:46.790032
--------------------------------------------------------------------------------

Name : guacamole-server
Product : Fedora 32
Version : 1.2.0
Release : 3.fc32
URL :   http://guac-dev.org/
Summary : Server-side native components that form the Guacamole proxy
Description :
Guacamole is an HTML5 remote desktop gateway.

Guacamole provides access to desktop environments using remote desktop protocols
like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing
access to multiple desktops through a web browser.

No browser plugins are needed, and no client software needs to be installed. The
client requires nothing more than a web browser supporting HTML5 and AJAX.

The main web application is provided by the "guacamole-client" package.

--------------------------------------------------------------------------------
Update Information:

Updated SPEC file and rebuilt for new dependencies.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 26 2020 Simone Caronni - 1.2.0-3
- Do not ship deprecated sysconfig file.
- Trim changelog.
* Tue Jul 28 2020 Fedora Release Engineering - 1.2.0-2
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 24 2020 Simone Caronni - 1.2.0-1
- Update to 1.2.0.
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1853386 - CVE-2020-9498 guacamole-server: Dangling pointer in RDP static virtual channel handling [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=1853386
[ 2 ] Bug #1853388 - CVE-2020-9498 guacamole-server: Dangling pointer in RDP static virtual channel handling [epel-7]
  https://bugzilla.redhat.com/show_bug.cgi?id=1853388
[ 3 ] Bug #1853391 - CVE-2020-9497 guacamole-server: Improper input validation of RDP static virtual channels [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=1853391
[ 4 ] Bug #1853393 - CVE-2020-9497 guacamole-server: Improper input validation of RDP static virtual channels [epel-7]
  https://bugzilla.redhat.com/show_bug.cgi?id=1853393
[ 5 ] Bug #1878395 - F34FailsToInstall: libguac-client-kubernetes
  https://bugzilla.redhat.com/show_bug.cgi?id=1878395
[ 6 ] Bug #1899751 - Dependency error installing libguac-client-kubernetes
  https://bugzilla.redhat.com/show_bug.cgi?id=1899751
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-bfde0ab889' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys