gfbgraph-0.2.4-1.el8.ML.1
エラータID: AXSA:2022-3332:02
GLib/GObject wrapper for the Facebook Graph API that integrates with GNOME
Online Accounts.
The following packages have been upgraded to a later upstream version: gfbgraph
(0.2.4). (BZ#1997941)
Security Fix(es):
* gfbgraph: missing TLS certificate verification (CVE-2021-39358)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise
Linux 8.6 Release Notes linked from the References section.
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS
certificate verification on the SoupSessionSync objects it creates, leaving
users vulnerable to network MITM attacks. NOTE: this is similar to
CVE-2016-20011.
Update packages.
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
N/A
SRPMS
- gfbgraph-0.2.4-1.el8.ML.1.src.rpm
MD5: 885816254281a0da2e923df8f9ae9e56
SHA-256: 0ac9b3f69bc03e61d46fec8bd5ed8399027d59946b2ced023764cdebf85f130d
Size: 49.71 kB
Asianux Server 8 for x86_64
- gfbgraph-0.2.4-1.el8.ML.1.x86_64.rpm
MD5: f33ef50c6d760168b895d29f6b8211ac
SHA-256: 7f70e7f6d6a6c5590380ccdb485adc7038ced1a69ef6d6849d50b5375334ed44
Size: 40.39 kB - gfbgraph-0.2.4-1.el8.ML.1.i686.rpm
MD5: f868df6cb88e23ef5ba9685db1608eeb
SHA-256: 5d4a05a7edde1f3ef63e1e8652a9999c064ba3a397c0bdf5e5a673d69bb9f7d3
Size: 41.43 kB