FEDORA-EPEL-2022-157b128a28
Packages in this update:
exim-4.96-4.el9
Update description:
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-4.el9
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-5.fc35
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-5.fc36
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
openssl-3.0.5-2.fc36
Security fix for CVE-2022-3602 and CVE-2022-3786
mingw-gcc-11.2.1-6.fc36
Backport fixes for CVE-2021-3826 and CVE-2022-27943.
exim-4.96-5.fc37
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
openssl-3.0.5-3.fc37
Security fix for CVE-2022-3602 and CVE-2022-3786
Emergency operations are continuing, but the hospital system failed and cannot be accessed
It was discovered that OpenSSL incorrectly handled certain X.509 Email
Addresses. If a certificate authority were tricked into signing a
specially-crafted certificate, a remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. The
default compiler options for affected releases reduce the vulnerability to
a denial of service. (CVE-2022-3602, CVE-2022-3786)
It was discovered that OpenSSL incorrectly handled applications creating
custom ciphers via the legacy EVP_CIPHER_meth_new() function. This issue
could cause certain applications that mishandled values to the function to
possibly end up with a NULL cipher and messages in plaintext.
(CVE-2022-3358)
The guidelines describe methods threat actors use to steal MFA credentials and how to defend against them