Category Archives: Advisories

kernel-6.1.5-100.fc36 kernel-headers-6.1.5-100.fc36 kernel-tools-6.1.5-100.fc36

FEDORA-2023-3fd7349f60

Packages in this update:

kernel-6.1.5-100.fc36
kernel-headers-6.1.5-100.fc36
kernel-tools-6.1.5-100.fc36

Update description:

The 6.1.5 stable kernel rebase contains new features, enhanced hardware support, and a number of important fixes across the tree.

dotnet6.0-6.0.113-1.fc36

FEDORA-2023-4d5f7e5cb0

Packages in this update:

dotnet6.0-6.0.113-1.fc36

Update description:

This updates .NET 6 to the January 2023 security release.

The updated versions are SDK 6.0.113 and Runtime 6.0.13.

This includes a fix for CVE-2023-21538.

dotnet6.0-6.0.113-1.fc37

FEDORA-2023-f9368f7fea

Packages in this update:

dotnet6.0-6.0.113-1.fc37

Update description:

This updates .NET 6 to the January 2023 security release.

The updated versions are SDK 6.0.113 and Runtime 6.0.13.

This includes a fix for CVE-2023-21538.

USN-5801-1: Vim vulnerabilities

It was discovered that Vim makes illegal memory calls when pasting
brackets in Ex mode. An attacker could possibly use this to crash Vim,
access or modify memory, or execute arbitrary commands. This issue
affected only Ubuntu 20.04 and 22.04. (CVE-2022-0392)

It was discovered that Vim makes illegal memory calls when making
certain retab calls. An attacker could possibly use this to crash Vim,
access or modify memory, or execute arbitrary commands. (CVE-2022-0417)

USN-5802-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-43945)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)

It was discovered that the Xen netback driver in the Linux kernel did not
properly handle packets structured in certain ways. An attacker in a guest
VM could possibly use this to cause a denial of service (host NIC
availability). (CVE-2022-3643)

It was discovered that an integer overflow vulnerability existed in the
Bluetooth subsystem in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2022-45934)

USN-5800-1: Heimdal vulnerabilities

It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A
remote attacker could possibly use this issue to cause a denial of service.
(CVE-2021-44758)

Evgeny Legerov discovered that Heimdal incorrectly handled memory when
performing certain DES decryption operations. A remote attacker could use
this issue to cause a denial of service, or possibly execute arbitrary
code. (CVE-2022-3437)

Greg Hudson discovered that the Kerberos PAC implementation used in Heimdal
incorrectly handled certain parsing operations. A remote attacker could use
this issue to cause a denial of service, or possibly execute arbitrary
code. (CVE-2022-42898)

It was discovered that Heimdal’s KDC did not properly handle certain error
conditions. A remote attacker could use this issue to cause a denial of
service, or possibly execute arbitrary code. (CVE-2022-44640)

CVE-2012-10005

A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation of the argument value leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 74897993818d826595fd5857038e6703456a594a. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218155.
