The newest upstream commit Security fix for CVE-2022-1674
Archive for Fedora Linux Distribution – Security Advisories
Update to 21.08.8 to fix CVE-2022-29500, CVE-2022-29501, and CVE-2022-29502. https://www.schedmd.com/news.php?id=260#OPT_260
patchlevel 4927 Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619, CVE-2022-1621, CVE-2022-1629
Rebase to 8.2204.0-1 Add patch resolving a potential heap buffer overflow, details: https://github.com/rsyslog/rsyslog/security/advisories/GHSA- ggw7-xr6h-mmr8
Rebase to 8.2204.0 Add patch to resolve potential heap buffer overflow, details: https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8
Fix CVE-2022-30292
Several security and stability improvements
Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous versions ecdsautils would erroneously accept all-zero signatures as valid. More information can be found here: https://github.com/freifunk- gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw
Fix CVE-2022-30292
Update to 2.9.14 Fix CVE-2022-29824: Integer overflow in xmlBuf and xmlBuffer
Security fixes for CVE-2022-1227, CVE-2022-21698, CVE-2022-27191, CVE-2022-27649
* Updating for Keylime release v6.4.0 * Fixes CVE-2022-1053
8u332 update
Security fix for CVE-2022-27470
Update to 2.53.12 For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking . Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So
The 5.17.6 stable kernel updates contain a number of important fixes across the tree.
The 5.17.6 stable kernel updates contain a number of important fixes across the tree.
Update to 91.9.0
Update to 2.53.12 For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking . Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So
This is a security release to address the following bugs: – CVE-2022-27239: mount.cifs: fix length check for ip option parsing – CVE-2022-29869: mount.cifs: fix verbose messages on option parsing Description CVE-2022-27239: In cifs- utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
This is a security release to address the following bugs: – CVE-2022-27239: mount.cifs: fix length check for ip option parsing – CVE-2022-29869: mount.cifs: fix verbose messages on option parsing Description CVE-2022-27239: In cifs- utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
– Fixed h.264 video playback over va-api (https://bugzilla.mozilla.org/show_bug.cgi?id=1762725) —- – New upstream version (100.0)
Oracle 04/2022 critical path update * https://www.oracle.com/security- alerts/cpuapr2022.html#AppendixJAVA * Cross fingers I had not messed up system JDK. * java-maint tests passed * **Still karma is highly appreciated**
Rebuild for CVE-2022-27191 —- Fix FTBFS Close: rhbz#2045471
Rebuild for CVE-2022-27191 —- Fix FTBFS Close: rhbz#2045471
Oracle 04/2022 critical path update * https://www.oracle.com/security- alerts/cpuapr2022.html#AppendixJAVA * Cross fingers I had not messed up system JDK. * java-maint tests passed * **Still karma is highly appreciated**
Oracle 04/2022 critical path update * https://www.oracle.com/security- alerts/cpuapr2022.html#AppendixJAVA * Cross fingers I had not messed up system JDK. * java-maint tests passed * **Still karma is highly appreciated**
– New upstream version (100.0) – Fix mozbz#1759137 (ffmpeg crash)
– New upstream version (100.0)
100 Chromium releases! Of course, at the rate they release now, we’ll probably be at 150 before the end of the year. Anyway, here’s the update. Fixes: CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364