Fedora Linux 8809 Published by

A radare2 security update has been released for Fedora 32.



SECURITY: Fedora 32 Update: radare2-5.1.1-1.fc32


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-e3c95619c1
2021-02-24 20:43:56.301549
--------------------------------------------------------------------------------

Name : radare2
Product : Fedora 32
Version : 5.1.1
Release : 1.fc32
URL :   https://radare.org/
Summary : The reverse engineering framework
Description :
The radare2 is a reverse-engineering framework that is multi-architecture,
multi-platform, and highly scriptable. Radare2 provides a hexadecimal
editor, wrapped I/O, file system support, debugger support, diffing
between two functions or binaries, and code analysis at opcode,
basic block, and function levels.

--------------------------------------------------------------------------------
Update Information:

Update to version 5.1.1. Security fix for CVE-CVE-2020-16269 and CVE-2020-17487
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 15 2021 Henrik Nordstrom - 5.1.1-1
- Rebase to upstream version 5.1.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1864842 - CVE-2020-16269 radare2: segmentation fault in parse_typedef function in type_dwarf.c via a malformed DW_AT_name in the .debug_info section
  https://bugzilla.redhat.com/show_bug.cgi?id=1864842
[ 2 ] Bug #1869623 - CVE-2020-17487 radare2: misparsing signature information in PE files could lead to DoS
  https://bugzilla.redhat.com/show_bug.cgi?id=1869623
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-e3c95619c1' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys