Fedora Linux 8813 Published by

A nbd security update has been released for Fedora 34.



SECURITY: Fedora 34 Update: nbd-3.24-1.fc34


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-62adf9a1e0
2022-03-16 15:57:05.636809
--------------------------------------------------------------------------------

Name : nbd
Product : Fedora 34
Version : 3.24
Release : 1.fc34
URL :   http://nbd.sourceforge.net
Summary : Network Block Device user-space tools (TCP version)
Description :
Tools for the Linux Kernel's network block device, allowing you to use
remote block devices over a TCP/IP network.

--------------------------------------------------------------------------------
Update Information:

Update to 3.24: fix CVE-2022-26495, CVE-2022-26496
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 8 2022 Robin Lee 3.24-1
- Update to 3.24: fix CVE-2022-26495(RHBZ#2061541),
CVE-2022-26496(RHBZ#2061542)
* Thu Jan 20 2022 Fedora Release Engineering 3.23-2
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Nov 26 2021 Robin Lee 3.23-1
- New release 3.23
* Tue Oct 12 2021 Robin Lee 3.22-3
- Fix test failure on armv7hl, another try
* Mon Oct 11 2021 Robin Lee 3.22-2
- Fix test failure on armv7hl
* Mon Oct 11 2021 Robin Lee 3.22-1
- New release 3.22
* Thu Jul 22 2021 Fedora Release Engineering - 3.21-3
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2061541 - CVE-2022-26495 nbd: heap-based buffer overflow in nbd-server.c
  https://bugzilla.redhat.com/show_bug.cgi?id=2061541
[ 2 ] Bug #2061542 - CVE-2022-26496 nbd: stack-based buffer overflow during name parsing in nbd-server.c
  https://bugzilla.redhat.com/show_bug.cgi?id=2061542
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-62adf9a1e0' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________