Security fix for CVE-2015-20107
Archive for July, 2022
USN-5479-1 was incomplete and didn’t properly fix one of the addressed issues.
Several security issues were fixed in NSS.
Several security issues were fixed in the Linux kernel.
Fix for CVE-2022-34903 (#2103242)
This is the June 2022 monthly update for .NET Core 3.1. It updates the SDK to version 3.1.420 and Runtime to 3.1.26. It includes fixes for CVE-2022-30184. Upstream release notes for .NET Core 3.1.26: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.26/3.1.26.md
OpenSSL could be made to crash or run programs when the c_rehash script is used.
With WordPress 6.1 already in the works, a lot of updates happened during June. Here’s a summary to catch up on the ones you may have missed. WordPress 6.1 is Slated for Release on October 25, 2022 Planning for WordPress 6.1 kicked off a few weeks ago with a proposed schedule and a call for […]
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities. CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166
* Thu Jun 30 2022 Clemens Lang
Update to 91.11.0
Arseniy Sharoglazov discovered multiple security issues in LDAP Account Manager (LAM), a web frontend for managing accounts in an LDAP directory, which could result in information disclosure or unauthenticated remote code execution.
An update is now available for Red Hat Satellite 6.11. Relevant releases/architectures: Red Hat Satellite 6.11 for RHEL 7 – noarch, x86_64; Red Hat Satellite 6.11 for RHEL 8 – noarch, x86_64
GnuPG could allow forged signatures.
OpenSSL could be made to expose sensitive information over the network.
Multiple vulnerabilities have been discovered in various image parsers in Blender, a 3D modeller/renderer, which may result in denial of service or the execution of arbitrary code if a malformed file is opened.
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed
Several security issues were fixed in PHP.
An update for rh-php73-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Django could be made to expose sensitive information if it received a specially crafted input.
Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 Rebuild to mitigate CVE-2022-21698 (rhbz#2067400). —- Update to 1.1.0 —- Disable package_note on arm too —- update to 0.44.1 rhbz#2007854 —- Add missing archive —- Update to 0.0.31 – Close: rhbz#1963535 —- Rebuilt for CVE-2022-1996,
Demi Marie Obenour discovered a flaw in GnuPG, allowing for signature spoofing via arbitrary injection into the status line. An attacker who controls the secret part of any signing-capable key or subkey in the victim’s keyring can take advantage of this flaw to provide a
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Several security issues were fixed in the Linux kernel.
The system could be made to crash under certain conditions.
Several security issues were mitigated in the Linux kernel.
The Migration Toolkit for Containers (MTC) 1.7.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from