FEDORA-EPEL-2023-66548f784b
Packages in this update:
openssl11-1.1.1k-5.el7
Update description:
backport from 1.1.1k-9: Fixed Timing Oracle in RSA Decryption
Resolves: CVE-2022-4304
backport from 1.1.1k-9: Fixed Double free after calling PEM_read_bio_ex
Resolves: CVE-2022-4450
backport from 1.1.1k-9: Fixed Use-after-free following BIO_new_NDEF
Resolves: CVE-2023-0215
backport from 1.1.1k-9: Fixed X.400 address type confusion in X.509 GeneralName
Resolves: CVE-2023-0286
backport from 1.1.1k-8: Fix no-ec build
Resolves: rhbz#2071020
More Stories
USN-7233-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7250-1: Netdata vulnerabilities
It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker could...
APPLE-SA-01-30-2025-1 GarageBand 10.4.12
Posted by Apple Product Security via Fulldisclosure on Feb 01 APPLE-SA-01-30-2025-1 GarageBand 10.4.12 GarageBand 10.4.12 addresses the following issues. Information...
Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
Posted by David Fifield on Feb 01 I tested a few more times, and it appears the text injection has...
Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3
Posted by hyp3rlinx on Feb 01 Updated SQL Injection CVE-2019-19245 exploit for Python3. import requests,time,re,sys,argparse #NAPC Xinet Elegant 6 Asset...
ZDI-25-072: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to...