FEDORA-2022-e980dc71b1
Packages in this update:
golang-github-opencontainers-runc-1.1.2-1.fc34
Update description:
Update to 1.1.2. Fixes rhbz#2085287.
Mitigate CVE-2022-29162 / GHSA-f3fp-gc8g-vw66.
golang-github-opencontainers-runc-1.1.2-1.fc34
Update to 1.1.2. Fixes rhbz#2085287.
Mitigate CVE-2022-29162 / GHSA-f3fp-gc8g-vw66.
golang-github-opencontainers-runc-1.1.2-1.fc35
Update to 1.1.2. Fixes rhbz#2085287.
Mitigate CVE-2022-29162 / GHSA-f3fp-gc8g-vw66.
golang-github-opencontainers-runc-1.1.2-1.fc36
Update to 1.1.2. Fixes rhbz#2085287.
Mitigate CVE-2022-29162 / GHSA-f3fp-gc8g-vw66.
Cryptography is the art of keeping information secure by transforming it into form that unintended recipients cannot understand. In cryptography, an original human readable message, referred to as plaintext, is changed by means of an algorithm, or series of mathematical operations, into something that to an uninformed observer would look like gibberish; this gibberish is called ciphertext.
Cryptographic systems require some method for the intended recipient to be able to make use of the encrypted message—usually, though not always, by transforming the ciphertext back into plaintext.
Felix Wilhelm reported that several buffer handling functions in
libxml2, a library providing support to read, modify and write XML and
HTML files, don’t check for integer overflows, resulting in
out-of-bounds memory writes if specially crafted, multi-gigabyte XML
files are processed. An attacker can take advantage of this flaw for
denial of service or execution of arbitrary code.
Manfred Paul discovered two security issues in the Mozilla Firefox web
browser, which could result in the execution of arbitrary code.
Several flaws have been discovered in HTCondor, a distributed workload
management system, which allow users with only READ access to any daemon to use
a different authentication method than the administrator has specified. If the
administrator has configured the READ or WRITE methods to include CLAIMTOBE,
then it is possible to impersonate another user and submit or remove jobs.