FEDORA-2023-31d5d51a2d

Packages in this update:

python-cryptography-41.0.3-1.fc39
rust-asn1-0.15.5-2.fc39
rust-asn1_derive-0.15.5-1.fc39

Update description:

Update python-cryptography to 41.0.3, https://cryptography.io/en/latest/changelog/
Security fix for CVE-2023-3832 “SSH certificate encoding/parsing incompatibility with OpenSSH”
Update rust-asn1 to 0.15.5 and obsolete const-generic feature
Update rust-asn1_derive to 0.15.5

Read More

Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

Read More

Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Read More

Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Read More

Improper access control in the Intel DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.

Read More

Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

Read More

Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.

Read More