This is the June 2022 monthly release for .NET 6. This updates .NET SDK to 6.0.106 and Runtime to 6.0.6. It includes at least one known security fix. Upstream release notes: https://github.com/dotnet/core/blob/main/release- notes/6.0/6.0.6/6.0.6.md
Archive for Fedora Linux Distribution – Security Advisories
Security fix for CVE-2015-20107
New upstream version 2022.5.17
Fedora 35: ntfs-3g-system-compression 2022-1176b501f0
Rebuild for ntfs-3g CVE
Fedora 35: golang-github-emicklei-restful 2022-589a0ad690
– Update to 3.8.0. Fixes rhbz#1948196. – Mitigate CVE-2022-1996.
Fedora 36: golang-github-emicklei-restful 2022-185697ef56
– Update to 3.8.0. Fixes rhbz#1948196. – Mitigate CVE-2022-1996.
Security fix for CVE-2022-1292 Upgrade to 1.1.1o, rhbz#2095817. See https://www.openssl.org/news/secadv/20220503.txt.
Update to 42.3 – main: Hotfix to workaround gtk #4880 (affects Save As dialogs on X11 primarily) – config: Add GNOME 42+ compatibility for dark mode, and fetch dark settings from portal if possible – widget: Properly update highlights upon resize – find-replace: Remove spurious g_object_ref() call
CVE fixes for 2022-06-06 Includes: CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733 CVE-2021-3697 CVE-2021-3696 CVE-2021-3695 Moderate/high, some network access. Update! Upstream disclosure with more information: https://lists.gnu.org/archive/html/grub-devel/2022-06/msg00035.html
Fedora 36: golang-github-cli-gh 2022-c2ca66a0f8
Update gh to 2.12.1 —- Update to 2.12.0
Fedora 35: golang-github-docker-libnetwork 2022-3ecd21576a
## moby-engine https://github.com/moby/moby/releases/tag/v20.10.17 Includes updates to bundled libraries that fix CVEs. ## golang-github-docker-libnetwork Bump to f6ccccb1c082a432c2a5814aaedaca56af33d9ea
## moby-engine https://github.com/moby/moby/releases/tag/v20.10.17 Includes updates to bundled libraries that fix CVEs. ## golang-github-docker-libnetwork Bump to f6ccccb1c082a432c2a5814aaedaca56af33d9ea
Security fix for CVE-2015-20107
Fedora 35: python-cookiecutter 2022-4a3d83a1d2
Update to version 2.1.1 CVE-2022-24065
Security fix for CVE-2015-20107
Security fix for CVE-2015-20107
Update to 2.36.3: * Support capturing already encoded video streams, which takes advantage of encoding done in hardware by devices which support this feature. * Avoid using experimental GStreamer elements for video demuxing. * Avoid using the legacy GStreamer VA-API decoding plug-ins, which often cause rendering issues and are not much maintained. Their usage can be re-enabled
The 5.18.5 stable kernel update contains mitigation for the processor MMIO stale-data vulnerabilities. These are covered by CVE-2022-21166 CVE-2022-21125 and CVE-2022-21123
Fedora 35: shim-unsigned-x64 2022-98830efc68
This fixes several issues, most notably BZ#1955416 and CVE-2022-28737. Please test.
Fedora 35: shim-unsigned-aarch64 2022-98830efc68
This fixes several issues, most notably BZ#1955416 and CVE-2022-28737. Please test.
Fedora 35: golang-github-containerd-cni 2022-725ac93b48
golang-x-sys: Bump to commit bc2c85ada10aa9b6aa9607e9ac9ad0761b95cf1d golang- github-containernetworking-cni: Update to 1.1.1. golang-github-containerd-cni: Update to 1.1.6. Fixes rhbz#2092632. containerd: Update to 1.6.6. Mitigates GHSA-5ffw-gxpp-mxpf / CVE-2022-31030.
The 5.17.14 stable kernel update contains a number of important fixes across the tree.
## moby-engine https://github.com/moby/moby/releases/tag/v20.10.17 Includes updates to bundled libraries that fix CVEs. ## golang-github-docker-libnetwork Bump to f6ccccb1c082a432c2a5814aaedaca56af33d9ea
Fedora 36: golang-github-docker-libnetwork 2022-cea20dae0b
## moby-engine https://github.com/moby/moby/releases/tag/v20.10.17 Includes updates to bundled libraries that fix CVEs. ## golang-github-docker-libnetwork Bump to f6ccccb1c082a432c2a5814aaedaca56af33d9ea
– lockState: do not print `error:` when exit code is unaffected (#2090926) —- – fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
bump to v1.23.4, security fix for CVE-2022-21698 —- Add missing container networking dependencies (#2081834)
The 5.17.13 stable kernel update contains a number of important fixes across the tree.
The 5.17.13 stable kernel update contains a number of important fixes across the tree.
CVE fixes for 2022-06-06 Includes: CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733 CVE-2021-3697 CVE-2021-3696 CVE-2021-3695 Moderate/high, some network access. Update! Upstream disclosure with more information: https://lists.gnu.org/archive/html/grub-devel/2022-06/msg00035.html
– New upstream version (101.0) —- – Fixed missing popups in some scenarios on Wayland (https://bugzilla.mozilla.org/show_bug.cgi?id=1771104)