Posts Tagged Fedora Linux Distribution – Security Advisories
The 5.16.5 stable kernel rebase contains new features, additional hardware support, and a number of important fixes across the tree.
The 5.15.18 stable kernel update contains fixes for a number of issues across the tree.
* Update to 3.0 (fixes CVE-2022-23220) * Move to upstream desktop/polkit policy * Use %%license * Cleanup spec * Stop using debugfs unnecessarily
– Update cargo-insta to version 1.11.0. – Update the insta crate to version 1.11.0. – Update the ron crate to version 0.7.0. – Introduce a compat package for ron versions 0.6.x. – Update the similar-asserts crate to version 1.2.0. – Update the similar crate to version 2.1.0.
– Update cargo-insta to version 1.11.0. – Update the insta crate to version 1.11.0. – Update the ron crate to version 0.7.0. – Introduce a compat package for ron versions 0.6.x. – Update the similar-asserts crate to version 1.2.0. – Update the similar crate to version 2.1.0.
Fix for CVE-2021-32765
Security fixes for CVE-2022-0351, CVE-2022-0359 ---- Security fixes for CVE-2022-0213, CVE-2022-0261
# New in release OpenJDK 17.0.2 (2022-01-18): Live versions of these release notes can be found at: * https://bitly.com/openjdk1702 * https://builds.shipilev.net/backports-monitor/release-notes-17.0.2.txt ## Security fixes – JDK-8251329: (zipfs) Files.walkFileTree walks infinitely if zip has dir named “.” inside – JDK-8264934, CVE-2022-21248: Enhance cross VM
update to version 2.10 and enable OCV CVE-2022-23303
* fix CVE-2021-44716 * fix CVE-2021-43813 * use HMAC-SHA-256 instead of SHA-1 to generate password reset tokens
* fix CVE-2021-44716 * fix CVE-2021-43813 * use HMAC-SHA-256 instead of SHA-1 to generate password reset tokens
Security fix for CVE-2021-4122.
Security fix for CVE-2021-4034
pkexec: argv overflow results in local privilege esc.
This is a regression fix update, reverting non-backwards-compatible behaviour changes in the solution previously chosen for [CVE-2022-21682](https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx)
Bug fixes and incremental optimization improvements. ---- Bugfix release including fix for CVE-2021-45290 and CVE-2021-45293.
Security fix for CVE-2022-21658, a TOCTOU race condition in std::fs::remove_dir_all. Privileged programs should be rebuilt if they use this function on paths that may be manipulated with lesser privileges. For more details, see the upstream [security advisory](https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html).
Security fix for CVE-2021-46059, CVE-2022-0158, CVE-2022-0156 ---- Security fix for CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4186, CVE-2021-4192, CVE-2021-4193
Fix CVE-2022-23132, CVE-2022-23133, CVE-2022-23134
Update to 2.34.4: * Fix dire [“Safari Leaks”](https://safarileaks.com/) IndexedDB privacy violation. * Make audio tools (like mixers) display the actual name of the application producing sound, instead of a generic one. * Fix several crashes and rendering issues. * Additional security fixes: CVE-2021-30887, CVE-2021-30890, CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
Fix CVE-2022-23132, CVE-2022-23133, CVE-2022-23134
The 5.15.16 stable kernel update contains a number of important fixes across the tree.
Security fix for CVE-2021-45931
Security fix for CVE-2021-45930
Rebase to version 2.4.3
The 5.15.15 stable kernel update contains a number of important fixes across the tree.
Update to newer version of arara with newer log4j. Severity is low because exploiting this locally would be challenging.
Remove executable permissions from scripts in /usr/shar
Security fix for CVE-2021-34363