Fedora Linux 8783 Published by

A rust-sequoia-sqv security update has been released for Fedora 37.



SECURITY: Fedora 37 Update: rust-sequoia-sqv-1.1.0-5.fc37


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-1d0d71b6aa
2023-05-27 01:25:15.781100
--------------------------------------------------------------------------------

Name : rust-sequoia-sqv
Product : Fedora 37
Version : 1.1.0
Release : 5.fc37
URL :   https://crates.io/crates/sequoia-sqv
Summary : Simple OpenPGP signature verification program
Description :
Simple OpenPGP signature verification program.

--------------------------------------------------------------------------------
Update Information:

- Update the sequoia-openpgp crate to version 1.16.0. - Update the nettle crate
to version 7.3.0. - Update the nettle-sys crate to version 2.2.0. - Update the
buffered-reader crate to version 1.2.0. Version 1.16.0 of the sequoia-openpgp
crate fixes some issues in parsing code, which could lead to attempted out-of-
bounds accesses that result in crashes due to bounds checks which are included
by default in Rust code. This update contains rebuilds of all applications that
are based on sequoia-openpgp to address this issue. ---- Update to version
1.5.0. This release improves compatibility with the version of librnp that's
bundled in recent versions of thunderbird.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 18 2023 Fabio Valentini - 1.1.0-5
- Rebuild for sequoia-openpgp v1.16
* Sun Feb 5 2023 Fabio Valentini - 1.1.0-4
- Rebuild for fixed frame pointer compiler flags in Rust RPM macros
* Sat Jan 21 2023 Fedora Release Engineering - 1.1.0-3
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-1d0d71b6aa' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________