security/wiki
8
0
Fork 1
generated from sig_core/wiki-template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

issues/CVE-2024-2961.md: Add EL8 fix, mention need to restart after fix #34

Merged
neil merged 1 commits from solardiz-patch-33 into main 2024-05-23 20:04:35 +00:00
Conversation 0 Commits 1 Files Changed 1 +7 -3
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit d5049ca4e0 - Show all commits

10
docs/issues/CVE-2024-2961.md
View File

@ -18,11 +18,12 @@ Public disclosure date: April 17, 2024
## EL9
Fixed in version: `2.34-83.12.el9_3.security.0.5` available April 18, 2024
- Fixed in version: `2.34-83.12.el9_3.security.0.5` available April 18, 2024
## EL8
Affected. We will of course rebuild upstream's fix as soon as it arrives.
- Fixed in version: `2.28-236.el8_9.13` available May 7, 2024
- Errata: [RLSA-2024:2722](https://errata.rockylinux.org/RLSA-2024:2722) issued May 9, 2024
## Mitigation
@ -43,4 +44,7 @@ iconvconfig
To make sure this has worked as intended, we also recommend that you run `iconv -l | grep ISO-2022-CN-EXT` before and after the above procedure. It should list the ISO-2022-CN-EXT character set before the procedure, but produce empty output afterwards.
Finally, if you have long-running processes for which the bug matters (such as PHP-FPM), you'll need to restart those.
## Making the fix or mitigation effective
After installing a fixed version of glibc or/and applying the mitigation,
you'll need to restart any long-running processes for which the bug matters (such as PHP-FPM).