stable

caddy-1.0.5-1.el7

FEDORA-EPEL-2023-284c34a6cc created by carlwgeorge 12 months ago for Fedora EPEL 7

This updates takes the package from version 1.0.3 to 1.0.5, the most recent version in the v1 branch. It provides fixes for two CVEs:

  • CVE-2022-3064, resolved by updating the bundled gopkg.in/yaml.v2 to 2.2.4
  • CVE-2022-41717, resolved by building with golang 1.19.10

This update has been submitted for testing by carlwgeorge.

12 months ago

This update's test gating status has been changed to 'ignored'.

12 months ago

This update has been pushed to testing.

12 months ago

This update has been submitted for stable by bodhi.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
12 months ago
in testing
12 months ago
in stable
11 months ago
approved
11 months ago
BZ#2163539 CVE-2022-3064 caddy: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents [epel-7]
0
0
BZ#2163603 CVE-2022-41717 caddy: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [epel-7]
0
0

Automated Test Results