– control code in cookie denial of service (CVE-2022-35252)
Archive for Fedora Linux Distribution – Security Advisories
6.0.8, fixes CVE-2022-40626
Fedora 36: python-lxml 2022-ed0eeb6a20
Security fix for CVE-2022-2309
Update to latest upstream release
Fedora 35: open-vm-tools 2022-1c9c0bacaf
Package new upstream version open-vm-tools-12.1.0-20219665. —- Security fix for CVE-2022-31676
– Fixed ruby socket permissions
Fedora 35: wordpress 2022-d7526a0af3
**Wordpress 5.9.4 Security Release**
Fix for the CVE-2022-37434
Fedora 36: moby-engine 2022-b027a13a39
– Update to 20.10.18. – Mitigates CVE-2022-36109 / GHSA-rc4r-wh2q-q6c4
Fedora 36: firejail 2022-e8e9b50a33
– Update to 0.9.70 (rhbz#2042724). – Mitigates CVE-2022-31214 (rhbz#2095070).
Security fix for CVE-2022-3099
Fedora 35: qt5-qtwebengine 2022-ae75c0ca4f
Update to latest LTS release
Fedora 36: libapreq2 2022-61f5b492b7
Fix CVE-2022-22728.
Fedora 35: libapreq2 2022-cf658a432f
Fix CVE-2022-22728.
Fedora 35: webkit2gtk3 2022-ddfeee50c9
Update to 2.36.7: * Fix several crashes and rendering issues. * Security fixes: CVE-2022-32793 —- Add provides for webkit2gtk4.0 webkit2gtk3 is getting renamed to webkit2gtk4.0 in F37+. Add provides for the new names to make it easier for other packages to depend on webkitgtk without having to conditionalize their spec files.
MediaWiki 1.37.4 This is a maintenance release of the MediaWiki 1.37 branch. Changes since MediaWiki 1.37.3 Localisation updates. (T311568) UploadBase::setTempFile() handle $tempPath being passed as null. (T311559) SpecialListFiles: user parameter isn’t always present. (T311561) ImageListPager: Don’t call htmlspecialchars() on null. (T311920)
AutoTrace ver. 0.31.9
– New upstream snapshot. – Fixes CVE-2021-3826. – Disable deprecated declaration warnings/errors. – Disable nonnull-compare warnings. – Patch “symtab_no_format_overflow” to avoid a false positive format overflow detection.
Fedora 36: open-vm-tools 2022-cd23eac6f4
Security fix for CVE-2022-31676
Fedora 36: protobuf-c 2022-3be472fe11
Updated to version 1.4.1.
Security fix for CVE-3037
– control code in cookie denial of service (CVE-2022-35252)
Fedora 36: qt5-qtwebengine 2022-8c43b4dce7
Update to 5.15.10 LTS
– fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646) – fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
This is Tcpreplay suite 4.4.2 This release contains bug fixes only. What’s changed: – Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738 – Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721 – Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739 – Bug #718 improved heap-overflow protection by @fklassen in #740 – Bug #719 better overflow
The 5.19.6 stable kernel update contains a number of important fixes across the tree. —- The 5.19.4 kernel rebase contains a number of important bug fixes, new hardware support, and feature enhancements across the tree.
Fedora 37: kernel-tools 2022-ccb0138bb6
The 5.19.6 stable kernel update contains a number of important fixes across the tree. —- The 5.19.4 kernel rebase contains a number of important bug fixes, new hardware support, and feature enhancements across the tree.
Fedora 37: kernel-headers 2022-ccb0138bb6
The 5.19.6 stable kernel update contains a number of important fixes across the tree. —- The 5.19.4 kernel rebase contains a number of important bug fixes, new hardware support, and feature enhancements across the tree.
The 5.19.6 stable kernel update contains a number of important fixes across the tree.
Fedora 36: thunderbird 2022-8bf22a684b
Update to 102.2.1 ; https://www.mozilla.org/en- US/security/advisories/mfsa2022-38/