FEDORA-2022-34de4f833d
Packages in this update:
cifs-utils-6.15-1.fc34
Update description:
This is a security release to address the following bugs:
CVE-2022-27239: mount.cifs: fix length check for ip option parsing
CVE-2022-29869: mount.cifs: fix verbose messages on option parsing
Description
CVE-2022-27239:
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
CVE-2022-29869:
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
Both issues were originally reported and fixed by Jeffrey Bencteux.