Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

    PaulHowarth/Blog/2020-05-19

Tuesday 19th May 2020

Fedora Project

  • Updated perl-Text-CSV_XS to 1.42 in Rawhide:

    • Update to Devel::PPPort-3.58

    • Unicode fixes for csv2xls and csv2xlsx

    • Add internal buffers to cache diagnostics

    • Fix positional reporting in examples/csv-check

    • Allow passing CSV parsing attributes to csv-check

    • Proof reading - doc fixes by Klaus Baldermann <soonix> (GH#21)

    • Fix type caching (CPAN RT#132344)

    • Small doc fix by Nick Tonkin <1nickt> (GH#22)

    • Fix sep=; being ignored in ->header (GH#23)

Local Packages

  • Updated dovecot to 2.3.10.1:

    • CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter

      • This occurs particularly for a parameter that doesn't start with a double quote

      • This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication

    • CVE-2020-10958: lmtp/submission: Sending many invalid or unknown commands can cause the server to access freed memory, which can lead to a server crash

      • This happens when the server closes the connection with a "421 Too many invalid commands" error; the bad command limit depends on the service (lmtp or submission) and varies between 10 to 20 bad commands

    • CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an address that has the empty quoted string as local-part causes the lmtp service to crash

  • Updated nmap (7.80) not to assert-crash on unsolicited ARP response (Bug #1836989)

  • Updated perl-Text-CSV_XS to 1.42 as per the Fedora version

Recent