FEDORA-2022-ebbac924d3
Packages in this update:
exim-4.96-5.fc35
Update description:
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-5.fc35
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-5.fc36
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
openssl-3.0.5-2.fc36
Security fix for CVE-2022-3602 and CVE-2022-3786
mingw-gcc-11.2.1-6.fc36
Backport fixes for CVE-2021-3826 and CVE-2022-27943.
exim-4.96-5.fc37
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
openssl-3.0.5-3.fc37
Security fix for CVE-2022-3602 and CVE-2022-3786
Emergency operations are continuing, but the hospital system failed and cannot be accessed
It was discovered that OpenSSL incorrectly handled certain X.509 Email
Addresses. If a certificate authority were tricked into signing a
specially-crafted certificate, a remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. The
default compiler options for affected releases reduce the vulnerability to
a denial of service. (CVE-2022-3602, CVE-2022-3786)
It was discovered that OpenSSL incorrectly handled applications creating
custom ciphers via the legacy EVP_CIPHER_meth_new() function. This issue
could cause certain applications that mishandled values to the function to
possibly end up with a NULL cipher and messages in plaintext.
(CVE-2022-3358)
The guidelines describe methods threat actors use to steal MFA credentials and how to defend against them
mediawiki-1.37.6-1.fc36
https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/DMQKMFSH4K7KLBXWZTDBGI2PWLLHJHJZ/
https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/SPYFDCGZE7KJNO73ET7QVSUXMHXVRFTE/