– fix too eager reuse of TLS and SSH connections (CVE-2022-27782) —- – fix credential leak on redirect (CVE-2022-27774) – fix auth/cookie leak on redirect (CVE-2022-27776) – fix bad local IPv6 connection reuse (CVE-2022-27775) – fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
Archive for Fedora Linux Distribution – Security Advisories
Security fixes for CVE-2022-1769, CVE-2022-1733, CVE-2022-1674
Update to 91.9.0
Fix for CVE-2022-26280
Fedora 35: php-openpsa-universalfeedcreator 2022-59f0ad964c
Update to v1.8.4.1 Security fix for CVE-2022-28919
Fedora 36: php-openpsa-universalfeedcreator 2022-a66124e04f
Update to v1.8.4.1 Security fix for CVE-2022-28919
Security fixes for CVE-2022-1769, CVE-2022-1733 —- The newest upstream commit Security fix for CVE-2022-1674
Update to .NET SDK 6.0.105 and Runtime 6.0.5 This is the May 2022 update for .NET 6. It includes fixes for multiple CVEs, including CVE-2022-29117, CVE-2022-29145 and CVE-2022-23267.
Security fixes for CVE-2022-1769, CVE-2022-1733
Fedora 36: rubygem-nokogiri 2022-0071328464
New version 1.13.6 is released. This rpm addresses the issue for improper handling of unexpected data types, related to untrusted inputs to the SAX parsers, which is assigned as CVE-2022-29181 —- New version 1.13.5 is released.
Fedora 35: rubygem-nokogiri 2022-e9b2e1c1ac
This rpm backports the patch for the issue for improper handling of unexpected data types, related to untrusted inputs to the SAX parsers, which is assigned as CVE-2022-29181
The newest upstream commit Security fix for CVE-2022-1674
Update to 21.08.8 to fix CVE-2022-29500, CVE-2022-29501, and CVE-2022-29502. https://www.schedmd.com/news.php?id=260#OPT_260
patchlevel 4927 Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619, CVE-2022-1621, CVE-2022-1629
Rebase to 8.2204.0-1 Add patch resolving a potential heap buffer overflow, details: https://github.com/rsyslog/rsyslog/security/advisories/GHSA- ggw7-xr6h-mmr8
Rebase to 8.2204.0 Add patch to resolve potential heap buffer overflow, details: https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8
Fix CVE-2022-30292
Several security and stability improvements
Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous versions ecdsautils would erroneously accept all-zero signatures as valid. More information can be found here: https://github.com/freifunk- gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw
Fix CVE-2022-30292
Update to 2.9.14 Fix CVE-2022-29824: Integer overflow in xmlBuf and xmlBuffer
Security fixes for CVE-2022-1227, CVE-2022-21698, CVE-2022-27191, CVE-2022-27649
* Updating for Keylime release v6.4.0 * Fixes CVE-2022-1053
Fedora 34: java-1.8.0-openjdk-aarch32 2022-efaa7e8775
8u332 update
Fedora 34: mingw-SDL2_ttf 2022-857d1f7050
Security fix for CVE-2022-27470
Update to 2.53.12 For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking . Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So
The 5.17.6 stable kernel updates contain a number of important fixes across the tree.
The 5.17.6 stable kernel updates contain a number of important fixes across the tree.
Update to 91.9.0
Update to 2.53.12 For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking . Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So