Fedora Linux 8779 Published by

Fedora Linux has received security updates, including llama-cpp and python-quart:

Fedora 40 Update: llama-cpp-b3561-1.fc40
Fedora 40 Update: python-quart-0.19.8-1.fc40
Fedora 41 Update: python-quart-0.19.8-1.fc41




[SECURITY] Fedora 40 Update: llama-cpp-b3561-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-b07b0b41ec
2024-11-05 04:42:16.847196
--------------------------------------------------------------------------------

Name : llama-cpp
Product : Fedora 40
Version : b3561
Release : 1.fc40
URL : https://github.com/ggerganov/llama.cpp
Summary : Port of Facebook's LLaMA model in C/C++
Description :
The main goal of llama.cpp is to run the LLaMA model using 4-bit
integer quantization on a MacBook

* Plain C/C++ implementation without dependencies
* Apple silicon first-class citizen - optimized via ARM NEON, Accelerate
and Metal frameworks
* AVX, AVX2 and AVX512 support for x86 architectures
* Mixed F16 / F32 precision
* 2-bit, 3-bit, 4-bit, 5-bit, 6-bit and 8-bit integer quantization support
* CUDA, Metal and OpenCL GPU backend support

The original implementation of llama.cpp was hacked in an evening.
Since then, the project has improved significantly thanks to many
contributions. This project is mainly for educational purposes and
serves as the main playground for developing new features for the
ggml library.

--------------------------------------------------------------------------------
Update Information:

Update to b3561
--------------------------------------------------------------------------------
ChangeLog:

* Sat Oct 26 2024 Tom Rix [Tom.Rix@amd.com] - b3561-1
- Update to b3561
* Tue May 21 2024 Mohammadreza Hendiani [man2dev@fedoraproject.org] - b2879-7
- removed old file names .gitignore
* Sun May 19 2024 Tom Rix [trix@redhat.com] - b2879-6
- Remove old sources
* Sun May 19 2024 Tom Rix [trix@redhat.com] - b2879-5
- Include missing sources
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2304712 - CVE-2024-42479 llama-cpp: Write-what-where in rpc_server::set_tensor [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2304712
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-b07b0b41ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: python-quart-0.19.8-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-51bff89a25
2024-11-05 04:42:16.847161
--------------------------------------------------------------------------------

Name : python-quart
Product : Fedora 40
Version : 0.19.8
Release : 1.fc40
URL : https://github.com/pallets/quart
Summary : A Python ASGI web microframework with the same API as Flask
Description :
Quart is an async Python web microframework. Using Quart you can,

* render and serve HTML templates,
* write (RESTful) JSON APIs,
* serve WebSockets,
* stream request and response data,
* do pretty much anything over the HTTP or WebSocket protocols.

--------------------------------------------------------------------------------
Update Information:

Security fix for GHSA-q34m-jh98-gwm2.
0.19.8 2024-10-25
Bugfix: Fix missing check that caused the previous fix to raise an error.
0.19.7 2024-10-25
Security Fix: how max_form_memory_size is applied when parsing large non-file
fields. https://github.com/advisories/GHSA-q34m-jh98-gwm2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 25 2024 Packit [hello@packit.dev] - 0.19.8-1
- Update to 0.19.8 upstream release
- Resolves: rhbz#2321827
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.19.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sun Jun 9 2024 Python Maint - 0.19.6-2
- Rebuilt for Python 3.13
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2321827 - python-quart-0.19.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2321827
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-51bff89a25' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: python-quart-0.19.8-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-2f78bf0769
2024-11-05 04:38:39.892325
--------------------------------------------------------------------------------

Name : python-quart
Product : Fedora 41
Version : 0.19.8
Release : 1.fc41
URL : https://github.com/pallets/quart
Summary : A Python ASGI web microframework with the same API as Flask
Description :
Quart is an async Python web microframework. Using Quart you can,

* render and serve HTML templates,
* write (RESTful) JSON APIs,
* serve WebSockets,
* stream request and response data,
* do pretty much anything over the HTTP or WebSocket protocols.

--------------------------------------------------------------------------------
Update Information:

Security fix for GHSA-q34m-jh98-gwm2.
0.19.8 2024-10-25
Bugfix: Fix missing check that caused the previous fix to raise an error.
0.19.7 2024-10-25
Security Fix: how max_form_memory_size is applied when parsing large non-file
fields. https://github.com/advisories/GHSA-q34m-jh98-gwm2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 25 2024 Packit [hello@packit.dev] - 0.19.8-1
- Update to 0.19.8 upstream release
- Resolves: rhbz#2321827
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2321827 - python-quart-0.19.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2321827
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-2f78bf0769' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--