rxvt-unicode-9.30-2.el7
Update to 9.30
Strip package back to just be the -terminfo file.
This is due to CVE-2022-4170: unaffected versions of rxvt-unicode (that is, libptytty) don’t build on epel7.
rxvt-unicode-9.30-1.el7
Update to 9.30
Strip package back to just be the -terminfo file.
This is due to CVE-2022-4170: unaffected versions of rxvt-unicode (that is, libptytty) don’t build on epel7.
Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.
The improper Input Validation vulnerability in “â€�Move folder to Trashâ€� feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
mod_auth_openidc-2.4.12.2-1.fc36
CVE-2022-23527 mod_auth_openidc: Open Redirect in oidc_validate_redirect_url() using tab character
mod_auth_openidc-2.4.12.2-1.fc37
CVE-2022-23527 mod_auth_openidc: Open Redirect in oidc_validate_redirect_url() using tab character
mod_auth_openidc-2.4.12.2-1.fc38
Automatic update for mod_auth_openidc-2.4.12.2-1.fc38.
* Fri Dec 16 2022 Tomas Halman <thalman@redhat.com> – 2.4.12.2-1
Rebase to 2.4.12.2 version
– Resolves: rhbz#2153658 – CVE-2022-23527 mod_auth_openidc: Open Redirect in
oidc_validate_redirect_url() using tab character
fasterxml-oss-parent-49-2.fc38
jackson-annotations-2.14.1-3.fc38
jackson-bom-2.14.1-1.fc38
jackson-core-2.14.1-1.fc38
jackson-databind-2.14.1-1.fc38
jackson-jaxrs-providers-2.14.1-1.fc38
jackson-modules-base-2.14.1-1.fc38
jackson-parent-2.14-1.fc38
Rebase Jackson packages to the latest upstream version (2.14.1)
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
