Fedora Linux 8781 Published by

A procps-ng security update has been released for Fedora 38.



[SECURITY] Fedora 38 Update: procps-ng-3.3.17-11.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-30c3ca07eb
2023-08-21 00:57:49.823939
--------------------------------------------------------------------------------

Name : procps-ng
Product : Fedora 38
Version : 3.3.17
Release : 11.fc38
URL : https://sourceforge.net/projects/procps-ng/
Summary : System and process monitoring utilities
Description :
The procps package contains a set of system utilities that provide
system information. Procps includes ps, free, skill, pkill, pgrep,
snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch,
pwdx and pidwait.
The ps command displays a snapshot of running processes. The top command
provides a repetitive update of the statuses of running processes.
The free command displays the amounts of free and used memory on your
system. The skill command sends a terminate command (or another
specified signal) to a specified set of processes. The snice
command is used to change the scheduling priority of specified
processes. The tload command prints a graph of the current system
load average to a specified tty. The uptime command displays the
current time, how long the system has been running, how many users
are logged on, and system load averages for the past one, five,
and fifteen minutes. The w command displays a list of the users
who are currently logged on and what they are running. The watch
program watches a running program. The vmstat command displays
virtual memory statistics about processes, memory, paging, block
I/O, traps, and CPU activity. The pwdx command reports the current
working directory of a process or processes. The pidwait command
waits for processes of specified names.

--------------------------------------------------------------------------------
Update Information:

Possible buffer overflow in 'ps' (CVE-2023-4016)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 15 2023 Jan Rybar [jrybar@redhat.com] - 3.3.17-11
- CVE-2023-4016: ps: possible buffer overflow
- Resolves: bz#2230186
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2230186 - CVE-2023-4016 procps-ng: procps: ps buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2230186
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-30c3ca07eb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------