Fedora Linux 8779 Published by

Fedora Linux has been updated with two security updates for radare2 and iaito:

[SECURITY] Fedora 40 Update: radare2-5.9.6-1.fc40
[SECURITY] Fedora 40 Update: iaito-5.9.6-1.fc40
[SECURITY] Fedora 41 Update: radare2-5.9.6-1.fc41
[SECURITY] Fedora 41 Update: iaito-5.9.6-1.fc41
[SECURITY] Fedora 39 Update: radare2-5.9.6-1.fc39
[SECURITY] Fedora 39 Update: iaito-5.9.6-1.fc39




[SECURITY] Fedora 40 Update: radare2-5.9.6-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-c52c5c8791
2024-11-09 01:46:20.631034
--------------------------------------------------------------------------------

Name : radare2
Product : Fedora 40
Version : 5.9.6
Release : 1.fc40
URL : https://radare.org/
Summary : The reverse engineering framework
Description :
The radare2 is a reverse-engineering framework that is multi-architecture,
multi-platform, and highly scriptable. Radare2 provides a hexadecimal
editor, wrapped I/O, file system support, debugger support, diffing
between two functions or binaries, and code analysis at opcode,
basic block, and function levels.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2024-48241
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 16 2024 Michal Ambroz [rebus@seznam.cz] - 5.9.6-1
- bump to 5.9.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2318484 - iaito-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2318484
[ 2 ] Bug #2319076 - radare2-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2319076
[ 3 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2322791
[ 4 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2322792
[ 5 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2322793
[ 6 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322794
[ 7 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2322795
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-c52c5c8791' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: iaito-5.9.6-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-c52c5c8791
2024-11-09 01:46:20.631034
--------------------------------------------------------------------------------

Name : iaito
Product : Fedora 40
Version : 5.9.6
Release : 1.fc40
URL : https://radare.org/n/iaito.html
Summary : GUI for radare2 reverse engineering framework
Description :
iaito is a Qt and C++ GUI for radare2.
It is the continuation of Cutter before the fork to keep radare2 as backend.
Its goal is making an advanced, customizable and FOSS reverse-engineering
platform while keeping the user experience at mind.
The iaito is created by reverse engineers for reverse engineers.
Focus on supporting latest version of radare2.
Recommend the use of system installed libraries/radare2.
Closer integration between r2 and the UI.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2024-48241
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 16 2024 Michal Ambroz [rebus@seznam.cz] - 5.9.6-1
- bump to 5.9.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2318484 - iaito-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2318484
[ 2 ] Bug #2319076 - radare2-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2319076
[ 3 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2322791
[ 4 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2322792
[ 5 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2322793
[ 6 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322794
[ 7 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2322795
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-c52c5c8791' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: radare2-5.9.6-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-658aeaa7ea
2024-11-09 01:44:19.956033
--------------------------------------------------------------------------------

Name : radare2
Product : Fedora 41
Version : 5.9.6
Release : 1.fc41
URL : https://radare.org/
Summary : The reverse engineering framework
Description :
The radare2 is a reverse-engineering framework that is multi-architecture,
multi-platform, and highly scriptable. Radare2 provides a hexadecimal
editor, wrapped I/O, file system support, debugger support, diffing
between two functions or binaries, and code analysis at opcode,
basic block, and function levels.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2024-48241
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 16 2024 Michal Ambroz [rebus@seznam.cz] - 5.9.6-1
- bump to 5.9.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2318484 - iaito-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2318484
[ 2 ] Bug #2319076 - radare2-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2319076
[ 3 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2322791
[ 4 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2322792
[ 5 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2322793
[ 6 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322794
[ 7 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2322795
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-658aeaa7ea' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: iaito-5.9.6-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-658aeaa7ea
2024-11-09 01:44:19.956033
--------------------------------------------------------------------------------

Name : iaito
Product : Fedora 41
Version : 5.9.6
Release : 1.fc41
URL : https://radare.org/n/iaito.html
Summary : GUI for radare2 reverse engineering framework
Description :
iaito is a Qt and C++ GUI for radare2.
It is the continuation of Cutter before the fork to keep radare2 as backend.
Its goal is making an advanced, customizable and FOSS reverse-engineering
platform while keeping the user experience at mind.
The iaito is created by reverse engineers for reverse engineers.
Focus on supporting latest version of radare2.
Recommend the use of system installed libraries/radare2.
Closer integration between r2 and the UI.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2024-48241
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 16 2024 Michal Ambroz [rebus@seznam.cz] - 5.9.6-1
- bump to 5.9.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2318484 - iaito-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2318484
[ 2 ] Bug #2319076 - radare2-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2319076
[ 3 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2322791
[ 4 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2322792
[ 5 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2322793
[ 6 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322794
[ 7 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2322795
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-658aeaa7ea' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: radare2-5.9.6-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-e7c0a0d876
2024-11-09 00:57:22.589812
--------------------------------------------------------------------------------

Name : radare2
Product : Fedora 39
Version : 5.9.6
Release : 1.fc39
URL : https://radare.org/
Summary : The reverse engineering framework
Description :
The radare2 is a reverse-engineering framework that is multi-architecture,
multi-platform, and highly scriptable. Radare2 provides a hexadecimal
editor, wrapped I/O, file system support, debugger support, diffing
between two functions or binaries, and code analysis at opcode,
basic block, and function levels.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2024-48241
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 16 2024 Michal Ambroz [rebus@seznam.cz] - 5.9.6-1
- bump to 5.9.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2318484 - iaito-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2318484
[ 2 ] Bug #2319076 - radare2-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2319076
[ 3 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2322791
[ 4 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2322792
[ 5 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2322793
[ 6 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322794
[ 7 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2322795
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-e7c0a0d876' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: iaito-5.9.6-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-e7c0a0d876
2024-11-09 00:57:22.589812
--------------------------------------------------------------------------------

Name : iaito
Product : Fedora 39
Version : 5.9.6
Release : 1.fc39
URL : https://radare.org/n/iaito.html
Summary : GUI for radare2 reverse engineering framework
Description :
iaito is a Qt and C++ GUI for radare2.
It is the continuation of Cutter before the fork to keep radare2 as backend.
Its goal is making an advanced, customizable and FOSS reverse-engineering
platform while keeping the user experience at mind.
The iaito is created by reverse engineers for reverse engineers.
Focus on supporting latest version of radare2.
Recommend the use of system installed libraries/radare2.
Closer integration between r2 and the UI.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2024-48241
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 16 2024 Michal Ambroz [rebus@seznam.cz] - 5.9.6-1
- bump to 5.9.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2318484 - iaito-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2318484
[ 2 ] Bug #2319076 - radare2-5.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2319076
[ 3 ] Bug #2322791 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2322791
[ 4 ] Bug #2322792 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2322792
[ 5 ] Bug #2322793 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2322793
[ 6 ] Bug #2322794 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322794
[ 7 ] Bug #2322795 - CVE-2024-48241 radare2: OOB write via __bf_div function may lead to denial of service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2322795
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-e7c0a0d876' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--