Per the upstream release announcement¹, this release fixes "various security flaws, which allowed an attacker to overwrite arbitrary paths, remotely execute code, and/or overwrite files in the .git/ directory etc. See the release notes attached for the list for their descriptions and CVE identifiers."
Refer to the 2.14.6 release notes² for details on these vulnerabilities and the 2.24.0 release notes³ for details on other improvements and fixes since 2.23.0.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2019-c841bcc3b9
Please login to add feedback.