Fedora Linux 8811 Published by

Fedora Linux has been updated with various security enhancements, including libsndfile, trafficserver, and microcode_ct:

[SECURITY] Fedora 41 Update: libsndfile-1.2.2-5.fc41
[SECURITY] Fedora 41 Update: trafficserver-9.2.6-2.fc41
[SECURITY] Fedora 40 Update: trafficserver-9.2.6-2.fc40
[SECURITY] Fedora 40 Update: microcode_ctl-2.1-61.5.fc40
[SECURITY] Fedora 39 Update: trafficserver-9.2.6-2.fc39
[SECURITY] Fedora 39 Update: microcode_ctl-2.1-58.5.fc39




[SECURITY] Fedora 41 Update: libsndfile-1.2.2-5.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-1318318e7a
2024-11-22 03:20:28.890353+00:00
--------------------------------------------------------------------------------

Name : libsndfile
Product : Fedora 41
Version : 1.2.2
Release : 5.fc41
URL : http://libsndfile.github.io/libsndfile/
Summary : Library for reading and writing sound files
Description :
libsndfile is a C library for reading and writing sound files such as
AIFF, AU, WAV, and others through one standard interface. It can
currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and
64-bit floating point WAV files and a number of compressed formats. It
compiles and runs on *nix, MacOS, and Win32.

--------------------------------------------------------------------------------
Update Information:

fix crash in in ogg vorbis (#2322326) (CVE-2024-50612)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 18 2024 Michal Hlavinka [mhlavink@redhat.com] - 1.2.2-5
- fix crash in in ogg vorbis (rhbz#2322326) (CVE-2024-50612)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-1318318e7a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: trafficserver-9.2.6-2.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-f4dc07db08
2024-11-22 03:20:28.890333+00:00
--------------------------------------------------------------------------------

Name : trafficserver
Product : Fedora 41
Version : 9.2.6
Release : 2.fc41
URL : https://trafficserver.apache.org/
Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
Description :
Traffic Server is a high-performance building block for cloud services.
It's more than just a caching proxy server; it also has support for
plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and
bandwidth needs by caching and reusing frequently-requested web pages,
images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content
requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands
of requests per second.

Extensible - APIs to write your own plug-ins to do anything from
modifying HTTP headers to handling ESI requests to writing your own
cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and
reverse proxies, Apache Traffic Server is battle hardened.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 9.2.6
Backport fix for broken oubound TLS with OpenSSL 3.2+
Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 12 2024 Jered Floyd [jered@redhat.com] 9.2.6-2
- Backport fix for broken oubound TLS with OpenSSL 3.2+
* Tue Nov 12 2024 Jered Floyd [jered@redhat.com] 9.2.6-1
- Update to upstream 9.2.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2326136 - trafficserver stopped working after upgrade from F39 to F40 - connection to backendserver is finished before data flows
https://bugzilla.redhat.com/show_bug.cgi?id=2326136
[ 2 ] Bug #2326236 - CVE-2024-50306 trafficserver: Apache Traffic Server: Server process can fail to drop privilege [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2326236
[ 3 ] Bug #2326241 - CVE-2024-50305 trafficserver: Apache Traffic Server: Valid Host field value can cause crashes [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2326241
[ 4 ] Bug #2326246 - CVE-2024-38479 trafficserver: Apache Traffic Server: Cache key plugin is vulnerable to cache poisoning attack [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2326246
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-f4dc07db08' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: trafficserver-9.2.6-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-b3c4e8da81
2024-11-22 03:20:41.654875+00:00
--------------------------------------------------------------------------------

Name : trafficserver
Product : Fedora 40
Version : 9.2.6
Release : 2.fc40
URL : https://trafficserver.apache.org/
Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
Description :
Traffic Server is a high-performance building block for cloud services.
It's more than just a caching proxy server; it also has support for
plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and
bandwidth needs by caching and reusing frequently-requested web pages,
images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content
requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands
of requests per second.

Extensible - APIs to write your own plug-ins to do anything from
modifying HTTP headers to handling ESI requests to writing your own
cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and
reverse proxies, Apache Traffic Server is battle hardened.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 9.2.6
Backport fix for broken oubound TLS with OpenSSL 3.2+
Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 12 2024 Jered Floyd [jered@redhat.com] 9.2.6-2
- Backport fix for broken oubound TLS with OpenSSL 3.2+
* Tue Nov 12 2024 Jered Floyd [jered@redhat.com] 9.2.6-1
- Update to upstream 9.2.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2326136 - trafficserver stopped working after upgrade from F39 to F40 - connection to backendserver is finished before data flows
https://bugzilla.redhat.com/show_bug.cgi?id=2326136
[ 2 ] Bug #2326235 - CVE-2024-50306 trafficserver: Apache Traffic Server: Server process can fail to drop privilege [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2326235
[ 3 ] Bug #2326240 - CVE-2024-50305 trafficserver: Apache Traffic Server: Valid Host field value can cause crashes [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2326240
[ 4 ] Bug #2326245 - CVE-2024-38479 trafficserver: Apache Traffic Server: Cache key plugin is vulnerable to cache poisoning attack [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2326245
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-b3c4e8da81' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: microcode_ctl-2.1-61.5.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-d20a106350
2024-11-22 03:20:41.654773+00:00
--------------------------------------------------------------------------------

Name : microcode_ctl
Product : Fedora 40
Version : 2.1
Release : 61.5.fc40
URL : https://pagure.io/microcode_ctl
Summary : Tool to transform and deploy CPU microcode update for x86
Description :
The microcode_ctl utility is a companion to the microcode driver written
by Tigran Aivazian [tigran@aivazian.fsnet.co.uk].

The microcode update is volatile and needs to be uploaded on each system
boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts
back to the old microcode.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.1-47. 20241112
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0
up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0005c0
up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b0005c0 up to 0x2b000603;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x36 up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x36
up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x434 up to 0x435;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x434 up to 0x435;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x434 up to 0x435;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x434
up to 0x435;
Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1f
up to 0x20;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4122 up to 0x4123;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4122 up to 0x4123;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4122 up to 0x4123;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4122 up to 0x4123;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4122
up to 0x4123;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4122 up to 0x4123;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
Update of 06-ba-08/0xe0 microcode from revision 0x4122 up to 0x4123;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x36 up to 0x37;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x36 up to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000230
up to 0x21000283;
Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in
intel-ucode/06-cf-01) from revision 0x21000230 up to 0x21000283;
Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x21000230 up to 0x21000283;
Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000230
up to 0x21000283.
Addresses CVE-2024-21820, CVE-2024-21853, CVE-2024-23918, CVE-2024-23984
Update to upstream 2.1-46. 20241029
Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x129 up
to 0x12b.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 13 2024 Eugene Syromiatnikov [esyr@redhat.com] 2:2.1-61.5
- Update to upstream 2.1-47. 20241112
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0
up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0005c0
up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b0005c0 up to 0x2b000603;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x36
up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x434 up to 0x435;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x434 up to 0x435;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x434 up to 0x435;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x434
up to 0x435;
- Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1f
up to 0x20;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4122 up to 0x4123;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4122 up to 0x4123;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4122
up to 0x4123;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4122 up to 0x4123;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
- Update of 06-ba-08/0xe0 microcode from revision 0x4122 up to 0x4123;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x36 up to 0x37;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000230
up to 0x21000283;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in
intel-ucode/06-cf-01) from revision 0x21000230 up to 0x21000283;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x21000230 up to 0x21000283;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000230
up to 0x21000283.
- Addresses CVE-2024-21820, CVE-2024-21853, CVE-2024-23918, CVE-2024-23984
* Mon Nov 11 2024 Eugene Syromiatnikov [esyr@redhat.com] 2:2.1-61.4
- Update to upstream 2.1-46. 20241029
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x129 up
to 0x12b.
- Resolves RHBZ#2324127
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2324127 - 20241029 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2324127
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-d20a106350' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: trafficserver-9.2.6-2.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-589ea34c42
2024-11-22 02:09:32.745829+00:00
--------------------------------------------------------------------------------

Name : trafficserver
Product : Fedora 39
Version : 9.2.6
Release : 2.fc39
URL : https://trafficserver.apache.org/
Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server
Description :
Traffic Server is a high-performance building block for cloud services.
It's more than just a caching proxy server; it also has support for
plugins to build large scale web applications. Key features:

Caching - Improve your response time, while reducing server load and
bandwidth needs by caching and reusing frequently-requested web pages,
images, and web service calls.

Proxying - Easily add keep-alive, filter or anonymize content
requests, or add load balancing by adding a proxy layer.

Fast - Scales well on modern SMP hardware, handling 10s of thousands
of requests per second.

Extensible - APIs to write your own plug-ins to do anything from
modifying HTTP headers to handling ESI requests to writing your own
cache algorithm.

Proven - Handling over 400TB a day at Yahoo! both as forward and
reverse proxies, Apache Traffic Server is battle hardened.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 9.2.6
Backport fix for broken oubound TLS with OpenSSL 3.2+
Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 12 2024 Jered Floyd [jered@redhat.com] 9.2.6-2
- Backport fix for broken oubound TLS with OpenSSL 3.2+
* Tue Nov 12 2024 Jered Floyd [jered@redhat.com] 9.2.6-1
- Update to upstream 9.2.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2326136 - trafficserver stopped working after upgrade from F39 to F40 - connection to backendserver is finished before data flows
https://bugzilla.redhat.com/show_bug.cgi?id=2326136
[ 2 ] Bug #2326234 - CVE-2024-50306 trafficserver: Apache Traffic Server: Server process can fail to drop privilege [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2326234
[ 3 ] Bug #2326239 - CVE-2024-50305 trafficserver: Apache Traffic Server: Valid Host field value can cause crashes [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2326239
[ 4 ] Bug #2326244 - CVE-2024-38479 trafficserver: Apache Traffic Server: Cache key plugin is vulnerable to cache poisoning attack [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2326244
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-589ea34c42' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: microcode_ctl-2.1-58.5.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-7dfc167df4
2024-11-22 02:09:32.745782+00:00
--------------------------------------------------------------------------------

Name : microcode_ctl
Product : Fedora 39
Version : 2.1
Release : 58.5.fc39
URL : https://pagure.io/microcode_ctl
Summary : Tool to transform and deploy CPU microcode update for x86
Description :
The microcode_ctl utility is a companion to the microcode driver written
by Tigran Aivazian [tigran@aivazian.fsnet.co.uk].

The microcode update is volatile and needs to be uploaded on each system
boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts
back to the old microcode.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.1-47. 20241112
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0
up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0005c0
up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b0005c0 up to 0x2b000603;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x36 up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x36
up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x434 up to 0x435;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x434 up to 0x435;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x434 up to 0x435;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x434
up to 0x435;
Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1f
up to 0x20;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4122 up to 0x4123;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4122 up to 0x4123;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4122 up to 0x4123;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4122 up to 0x4123;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4122
up to 0x4123;
Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4122 up to 0x4123;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
Update of 06-ba-08/0xe0 microcode from revision 0x4122 up to 0x4123;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x36 up to 0x37;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x36 up to 0x37;
Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000230
up to 0x21000283;
Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in
intel-ucode/06-cf-01) from revision 0x21000230 up to 0x21000283;
Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x21000230 up to 0x21000283;
Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000230
up to 0x21000283.
Addresses CVE-2024-21820, CVE-2024-21853, CVE-2024-23918, CVE-2024-23984
Update to upstream 2.1-46. 20241029
Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x129 up
to 0x12b.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 13 2024 Eugene Syromiatnikov [esyr@redhat.com] 2:2.1-58.5
- Update to upstream 2.1-47. 20241112
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0
up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0005c0
up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b0005c0 up to 0x2b000603;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x36
up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x434 up to 0x435;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x434 up to 0x435;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x434 up to 0x435;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x434
up to 0x435;
- Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1f
up to 0x20;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4122 up to 0x4123;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4122 up to 0x4123;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4122
up to 0x4123;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4122 up to 0x4123;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
- Update of 06-ba-08/0xe0 microcode from revision 0x4122 up to 0x4123;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x36 up to 0x37;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000230
up to 0x21000283;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in
intel-ucode/06-cf-01) from revision 0x21000230 up to 0x21000283;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x21000230 up to 0x21000283;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000230
up to 0x21000283.
- Addresses CVE-2024-21820, CVE-2024-21853, CVE-2024-23918, CVE-2024-23984
* Mon Nov 11 2024 Eugene Syromiatnikov [esyr@redhat.com] 2:2.1-58.4
- Update to upstream 2.1-46. 20241029
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x129 up
to 0x12b.
- Resolves RHBZ#2324127
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2324127 - 20241029 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2324127
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-7dfc167df4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--