Update to 91.12.0 ; https://www.mozilla.org/en- US/security/advisories/mfsa2022-31/
Posts Tagged Fedora Linux Distribution – Security Advisories
Fedora 35: xorg-x11-server-Xwayland 2022-8e787b2a5c
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
Fedora 35: xorg-x11-server 2022-573714ca6b
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
removes phishing site as URL, and updates to new. explicitly BuildRequires gcc
Security fix for CVE-2022-34903
ceph 16.2.10 GA Security fix for CVE-2022-0670
Multiple security fixes.
Apply proposed patch for CVE-2022-28506.
Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747) —- update to xen-4.15.3 x86: MMIO Stale Data vulnerabilities (not applied in 4.15.2-5) —- x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166] —- x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362] x86 pv:
**Changelog** “` * Thu Jul 07 2022 Clemens Lang
Security fix for CVE-2022-31116 and CVE-2022-31117. ## 5.4.0 **Added** – Add support for arbitrary size integers **Fixed** – CVE-2022-31116: Replace `wchar_t` string decoding implementation with a `uint32_t`-based one; fix handling of surrogates on decoding – CVE-2022-31117: Potential double free of buffer during string decoding – Fix memory leak on encoding errors when the
Fedora 35: oci-seccomp-bpf-hook 2022-7c45aa090a
auto bump to v1.2.6
Fix for CVE-2022-34903 (#2103242)
This update fixes many bugs some of which are security relevant.
Security fixes for CVE-2022-2257, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2264, CVE-2022-2304, CVE-2022-2345, CVE-2022-2344, CVE-2022-2343.
This update fixes many bugs some of which are security relevant.
Fedora 36: oci-seccomp-bpf-hook 2022-24438de133
auto bump to v1.2.6
Fedora 35: golang-github-hub 2022-3e1ade35db
Rebuild for CVE-2022-{24675,28327,29526 in golang}
Rebuild for CVE-2022-{24675,28327,29526 in golang}
Fedora 35: golang-github-gosexy-gettext 2022-3e1ade35db
Rebuild for CVE-2022-{24675,28327,29526 in golang}
auto bump to v1.26.2
Retbleed – arbitrary speculative code execution with return instructions [XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900]
Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs — This contains the result from the mass rebuild in F35 for all packages that require `golang` and provide binaries to mitigate the following CVEs: `golang` itself: – CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode – CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar –
Fedora 35: yubihsm-connector 2022-3969b64d4b
Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs — This contains the result from the mass rebuild in F35 for all packages that require `golang` and provide binaries to mitigate the following CVEs: `golang` itself: – CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode – CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar –
Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs — This contains the result from the mass rebuild in F35 for all packages that require `golang` and provide binaries to mitigate the following CVEs: `golang` itself: – CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode – CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar –
Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs — This contains the result from the mass rebuild in F35 for all packages that require `golang` and provide binaries to mitigate the following CVEs: `golang` itself: – CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode – CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar –
Fedora 36: php-laminas-diactoros2 2022-794cd592d2
**Version 2.13.0** Enhancement * 106: Refined types as per laminas/laminas- coding-standard:2.3.x upgrades thanks to @Ocramius * 103: Update to laminas/laminas-coding-standard:2.3.x, improved types and internal API thanks to @gsteel —- **Version 2.12.0** Bug * 99: Merge release 2.11.3 into 2.12.x thanks to @github-actions[bot] * 92: Fix typo in property name in
– fix unpreserved file permissions (CVE-2022-32207) – fix Set-Cookie denial of service (CVE-2022-32205) – fix HTTP compression denial of service (CVE-2022-32206) – fix FTP-KRB bad message verification (CVE-2022-32208)
The 5.18.11 stable kernel update contains a number of important fixes across the tree. In addition to the 5.18.11 stable patches, this build contains the retbleed patches scheduled for 5.18.12 kernels.
Fedora 36: xorg-x11-server-Xwayland 2022-856bb475b7
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070