Fedora Linux 8784 Published by

A vtk security update has been released for Fedora 37.



SECURITY: Fedora 37 Update: vtk-9.1.0-18.fc37


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-2cf9dd7d52
2023-05-11 01:52:13.343931
--------------------------------------------------------------------------------

Name : vtk
Product : Fedora 37
Version : 9.1.0
Release : 18.fc37
URL :   https://vtk.org/
Summary : The Visualization Toolkit - A high level 3D visualization library
Description :
VTK is an open-source software system for image processing, 3D
graphics, volume rendering and visualization. VTK includes many
advanced algorithms (e.g., surface reconstruction, implicit modeling,
decimation) and rendering techniques (e.g., hardware-accelerated
volume rendering, LOD control).

NOTE: The version in this package has NOT been compiled with MPI support.

Install the vtk-mpich package to get a version compiled with mpich.

Install the vtk-openmpi package to get a version compiled with openmpi.

--------------------------------------------------------------------------------
Update Information:

Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr
dereference
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 25 2023 Orion Poplawski - 9.1.0-18
- Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr
dereference (bz#2189654)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2189654 - CVE-2021-42521 vtk: NULL pointer dereference vulnerability [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2189654
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-2cf9dd7d52' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________