Fix a possible DOS involving the Qt SQL ODBC driver plugin.
Comment
Posts Tagged Fedora Linux Distribution – Security Advisories
2746 results.
xwayland 22.1.8 – Security fix for CVE-2023-0494
New version 4.0.3.
**Version 4.4.50** (2023-02-01) * **security cve-2022-24895** [Security/Http] Remove CSRF tokens from storage on successful login (nicolas-grekas) * **security cve-2022-24894** [HttpKernel] Remove private headers before storing responses with HttpCache (nicolas-grekas)
Rebase to upstream version 3.0.8 Resolves: CVE-2022-4203 Resolves: CVE-2022-4304 Resolves: CVE-2022-4450 Resolves: CVE-2023-0215 Resolves: CVE-2023-0216 Resolves: CVE-2023-0217 Resolves: CVE-2023-0286 Resolves: CVE-2023-0401
Add upstream fix for CVE-2022-47021
Add upstream fix for CVE-2022-47021
* Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard to avoid audio/video desynchronization, among other fixes. * Disable HLS media playback by default, which makes web sites use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can be set in the environment to enable it back.
– Fix CVE-2022-3560 – This is a privilege escalation in the pesign-authorize script, which is now deprecated. There is no impact unless you are using pesign as a daemon in a signing server.
Rebase to sudo 1.9.12p2 – security fix for CVE-2023-22809
Security fix for CVE-2022-4510
# New in release [OpenJDK 11.0.18](https://bit.ly/openjdk11018) (2023-01-17) ## CVEs Fixed – CVE-2023-21835 – CVE-2023-21843 ## Security Fixes – JDK-8286070: Improve UTF8 representation – JDK-8286496: Improve Thread labels – JDK-8287411: Enhance DTLS performance – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges
Security fix for CVE-2022-4510
# New in release [OpenJDK 8u362](https://bit.ly/openjdk8u362) (2023-01-17) ## CVEs Fixed – CVE-2023-21830 – CVE-2023-21843 ## Security Fixes – JDK-8285021: Improve CORBA communication – JDK-8286496: Improve Thread labels – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges – JDK-8293598: Enhance InetAddress
# New in release OpenJDK 19.0.2 (2023-01-17) ## CVEs Fixed * CVE-2023-21835 * CVE-2023-21843 ## Security Fixes – JDK-8286070: Improve UTF8 representation – JDK-8286496: Improve Thread labels – JDK-8287411: Enhance DTLS performance – JDK-8288516: Enhance font creation – JDK-8293554: Enhanced DH Key Exchanges – JDK-8293598: Enhance InetAddress address handling – JDK-8293717: Objective
# New in release [OpenJDK 17.0.6](https://bit.ly/openjdk1706) (2023-01-17) ## CVEs Fixed – CVE-2023-21835 – CVE-2023-21843 ## Security Fixes – JDK-8286070: Improve UTF8 representation – JDK-8286496: Improve Thread labels – JDK-8287411: Enhance DTLS performance – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges
# New in release [OpenJDK 8u362](https://bit.ly/openjdk8u362) (2023-01-17) ## CVEs Fixed – CVE-2023-21830 – CVE-2023-21843 ## Security Fixes – JDK-8285021: Improve CORBA communication – JDK-8286496: Improve Thread labels – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges – JDK-8293598: Enhance InetAddress
The newest upstream commit Security fix for CVE-2023-0288
Update to 109.0.5414.119. Fixes the following security issues: CVE-2023-0471 CVE-2023-0472 CVE-2023-0473 CVE-2023-0474
Fix CVE-2022-47021
Rebuild for CVE-2022-41717 in golang.
new upstream version
Rebuild for CVE-2022-41717 in golang.
Update to 2.53.15
Update to 2.53.15
# New in release [OpenJDK 17.0.6](https://bit.ly/openjdk1706) (2023-01-17) ## CVEs Fixed – CVE-2023-21835 – CVE-2023-21843 ## Security Fixes – JDK-8286070: Improve UTF8 representation – JDK-8286496: Improve Thread labels – JDK-8287411: Enhance DTLS performance – JDK-8288516: Enhance font creation – JDK-8289350: Better media supports – JDK-8293554: Enhanced DH Key Exchanges
This update contains rebuilds of all Rust applications against versions of the libgit2-sys crate that ship fixes for CVE-2022-24765 and CVE-2022-29187 in the bundled copies of libgit2. —- Updates `pore` to 0.1.8 – Speed up `update_remote_refs` – Fall back to `/etc/pore.toml` if it exists.
Update to 1.3.2 (CVE-2022-29187, CVE-2022-24765)
* CVE-2022-47318
Update to version 0.13.5 (includes bundled libgit2 v1.4.5 with the latest security fixes).