Security fix for CVE-2021-4034
Archive for January 26th, 2022
Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the the execution of arbitrary code.
pkexec: argv overflow results in local privilege esc.
This is a regression fix update, reverting non-backwards-compatible behaviour changes in the solution previously chosen for [CVE-2022-21682](https://github.co m/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx)
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for the parfait:0.5 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Several security issues were fixed in X.Org X Server.