**PHP version 7.4.28** (17 Feb 2022) **Filter:** * Fixed bug php#81708: UAF due to php_filter_float() failing for ints (**CVE-2021-21708**)
Archive for February, 2022
Red Hat OpenShift Container Platform release 4.9.22 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Several security issues were fixed in the Linux kernel.
Cyrus SASL could run programs if it received specially crafted network traffic.
Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.
Several security issues were fixed in PHP.
**PHP version 8.0.16** (17 Feb 2022) **Core:** * Fixed bug php#81430 (Attribute instantiation leaves dangling pointer). (beberlei) * Fixed bug [GH-7896](https://github.com/php/php-src/issues/7896) (Environment vars may be mangled on Windows). (cmb) **FFI:** * Fixed bug [GH-7867](https://github.com/php/php-src/issues/7867) (FFI::cast() from pointer
The newest upstream commit. Security fix for CVE-2022-0629.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
c3p0 could be made to crash if it opened a specially crafted file.
An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
– update to latest upstream release (fixes CVE-2021-45444)
In this twenty-fifth episode of the WordPress Briefing, Executive Director Josepha Haden Chomphosy discusses future-proofing the WordPress project with the Five for the Future pledge. Have a question you’d like answered? You can submit them to [email protected], either written or as a voice recording. Credits: Editor: Dustin Hartzler; Logo: Beatriz Fialho; Production: Chloé Bringmann & Santana Inniss; Song: […]
An update for sg-core-container is now available for Service Telemetry Framework 1.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Several security issues were fixed in Expat.
An update for the ruby:2.6 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Update to 2.54.3. Cherry pick misc SELinux policy fixes. Fixes for CVE-2021-44731, CVE-2021-44730, CVE-2021-4120.
**phpMyAdmin 5.1.3** – 2022-02-11 This version primarily addresses a regression that caused the navigation pane to not function correctly when multiple pages of tables were shown. Version 5.1.3 includes a security hardening improvement. The issue, reported by Rafael Pedrero, could allow users to cause an error that would reveal the path on disk where phpMyAdmin is running from. We believe this
New version 3.2.8. Security fix for CVE-2021-33582. Security fix for CVE-2021-32056.
The following vulnerabilities have been discovered in the WPE WebKit web engine: CVE-2022-22589
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-22589
Update to 2.34.6: * Fix accessibility not working when the Bubblewrap sandbox is enabled. * Fix rendering of scrollbars when overlay scrollbars are disabled. * Fix several crashes and rendering issues. * Security fixes: CVE-2022-22620
Security fix for CVE-2021-4115