Update to NetHack 3.6.6
Comment
Archive for Fedora Linux Distribution – Security Advisories
2367 results.
Security and performance fixes.
**Horde_Form 2.0.20** * [mjr] SECURITY: Prevent ability to specify temporary filename (CVE-2020-8866, Reported By: Andrea Cardaci working with Trend Micro Zero Day Initiative).
**Horde_Form 2.0.20** * [mjr] SECURITY: Prevent ability to specify temporary filename (CVE-2020-8866, Reported By: Andrea Cardaci working with Trend Micro Zero Day Initiative).
Update to 2.9.6 bugfix release and 2 CVE fixes: CVE-2020-1737, CVE-2020-1739
https://lists.wikimedia.org/pipermail/mediawiki- announce/2019-December/000243.html
https://lists.wikimedia.org/pipermail/mediawiki- announce/2019-December/000243.html
CouchDB 3.0.0
– update to latest development version 1.9.0b1 – added sudo_logsrvd and sudo_sendlog to files and their appropriate man pages Resolves: rhbz#1787823 – Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz#1796945 – fixes: CVE-2019-18634 – By using ! character in the shadow file instead of a password hash can access to a run as all sudoer account Resolves: rhbz#1786709 –
Release 6.6.4p1 (2020-02-24) — – An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group. Release 6.6.3p1 (2020-02-10) — – Following the 6.6.2p1 release, various improvements were
Update to latest upstream version
Release 6.6.4p1 (2020-02-24) — – An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group. Release 6.6.3p1 (2020-02-10) — – Following the 6.6.2p1 release, various improvements were
The 5.5.7 stable kernel update contains a number of important fixes across the tree.
The 5.5.7 stable kernel update contains a number of important fixes across the tree.
The 5.5.6 stable kernel update contains a number of important fixes across the tree.
The 5.5.6 stable kernel update contains a number of important fixes across the tree.
The 5.5.6 stable kernel update contains a number of important fixes across the tree.
This update backports a patch for CVE-2020-8112.
**PHP version 7.3.15** (20 Feb 2020) **Core:** * Fixed bug php#71876 (Memory corruption htmlspecialchars(): charset `*’ not supported). (Nikita) * Fixed bug #php#79146 (cscript can fail to run on some systems). (clarodeus) * Fixed bug php#78323 (Code 0 is returned on invalid options). (Ivan Mikheykin) * Fixed bug php#76047 (Use-after-free when accessing already destructed backtrace
Rebase to version 0.9.62
This update, to the current upstream stable release version, is a cumulative bug-fix release including a security fix for a use-after-free vulnerability (CVE-2020-9273): successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
Update to libpng-1.6.37, see https://sourceforge.net/projects/libpng/files/libpng16/1.6.37/ for details.
Fix privilege escalation (https://bugzilla.redhat.com/show_bug.cgi?id=1803499)
Fix privilege escalation (https://bugzilla.redhat.com/show_bug.cgi?id=1803499)
Update to 5.6.7 to fix CVE-2019-18874
Fix for CVE-2020-7105 hiredis: NULL pointer dereference in async.c and dict.c
Resolves: #1795838, #1802904 – Security fix for CVE-2020-8945
Fix for CVE-2020-7105 hiredis: NULL pointer dereference in async.c and dict.c
Resolves: #1795838, #1802904 – Security fix for CVE-2020-8945
* Always use a light theme for rendering form controls. * Fix several crashes and rendering issues. * Security fixes: CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868