**Changes in version 1.6.0** Bug Fixes: * Introduce required service_name constructor argument to fix service hostname discovery exploitation vulnerability **CVE-2022-39369** (Henry Pan) * Set user agent [#421] (Fydon)
Posts Tagged Fedora Linux Distribution – Security Advisories
**Changes in version 1.6.0** Bug Fixes: * Introduce required service_name constructor argument to fix service hostname discovery exploitation vulnerability **CVE-2022-39369** (Henry Pan) * Set user agent [#421] (Fydon)
Security fix for CVE-2022-3705 2139842 – vim upgrade broke :! for displaying terminal output —- patchlevel 803 —- The newest upstream commit Security fixes for CVE-2022-3256, CVE-2022-3324, CVE-2022-3352, CVE-2022-3235, CVE-2022-3234, CVE-2022-3296, CVE-2022-3297, CVE-2022-3278.
* Fix scrolling issues in some sites having fixed background. * Fix prolonged buffering during progressive live playback. * Fix several crashes and rendering issues. * Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824
Security fix for CVE-2022-3705 2139842 – vim upgrade broke :! for displaying terminal output
* Fix scrolling issues in some sites having fixed background. * Fix prolonged buffering during progressive live playback. * Fix several crashes and rendering issues. * Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824
Update to 12.1, fixes CVE-2021-3826.
Backport fixes for CVE-2021-3826 and CVE-2022-38533.
updates the C library to 0.29.0.gfm.6 which fixes CVE-2022-39209
updates the C library to 0.29.0.gfm.6 which fixes CVE-2022-39209
# New in release OpenJDK 19.0.1 (2022-10-18) * [Full release notes](https://builds.shipilev.net/backports-monitor/release-notes-19.0.1.html) * This update depends on [FEDORA-2022- 10bb6f119e](https://bodhi.fedoraproject.org/updates/FEDORA-2022-10bb6f119e) ## CVEs Fixed – CVE-2022-21618 – CVE-2022-21619 – CVE-2022-21624 –
Security fix for CVE-2022-3705 2139842 – vim upgrade broke :! for displaying terminal output
– Updated to 106.0.3 —- – New upstream version (106.0.1)
# New in release OpenJDK 11.0.17 (2022-10-18) * [Release announcement](https://bit.ly/openjdk11017) * [Full release notes](https://builds.shipilev.net/backports-monitor/release-notes-11.0.7.html) ## Security Fixes – JDK-8282252: Improve BigInteger/Decimal validation – JDK-8285662: Better permission resolution – JDK-8286077, CVE-2022-21618: Wider
**PHP version 8.1.12** (27 Oct 2022) **Core:** * Fixes segfault with Fiber on FreeBSD i386 architecture. (David Carlier) **Fileinfo:** * Fixed bug [GH-8805](https://github.com/php/php-src/issues/8805) (finfo returns wrong mime type for woff/woff2 files). (Anatol) **GD:** * Fixed bug php#81739: OOB read due to insufficient input validation in imageloadfont(). (**CVE-2022-31630**)
# New in release OpenJDK 17.0.5 (2022-10-18) * [Release announcement](https://bit.ly/openjdk1705) * [Full release notes](https://builds.shipilev.net/backports-monitor/release-notes-17.0.5.html) ## Security Fixes – JDK-8282252: Improve BigInteger/Decimal validation – JDK-8285662: Better permission resolution – JDK-8286077, CVE-2022-21618: Wider
Upstream update including security & bug fixes as well as feature enhancements. From the upstream [release notes](https://github.com/git/git/raw/v2.38.1/Documen tation/RelNotes/2.30.6.txt): CVE-2022-39253 ————– When relying on the `–local` clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks (or copies) of the dereferenced link in the
New upstream release fixing CVE-2022-3515
Security fix for CVE-2022-3602 and CVE-2022-3786
Security fix for CVE-2022-3602 and CVE-2022-3786
– url: use IDN decoded names for HSTS checks (CVE-2022-42916) – http_proxy: restore the protocol pointer on error (CVE-2022-42915) – netrc: replace fgets with Curl_get_line (CVE-2022-35260) – fix POST following PUT confusion (CVE-2022-32221)
Update to 2.28.1
– Update to 1.2.22
– Update to 1.2.22
Update to 2.4.9, fixes CVE-2022-30674.
Update to 2.4.9, fixes CVE-2022-30674.
Update to 3.3.0.1 and CVE-2022-25844
This is the monthly .NET 6 update for September 2022. It updates the .NET SDK to 6.0.109 and Runtime to 6.0.9. This includes a fix for CVE-2022-38013
Update to version 4.16.6 – Security fixes for CVE-2022-3592 and CVE-2022-3437
– New version 4.4.3-P1 (rhbz#2132240) – Fix for CVE-2022-2928 (rhbz#2132429) – Fix for CVE-2022-2929 (rhbz#2132430)