FEDORA-FLATPAK-2023-92c2b96978
Packages in this update:
firefox-stable-3820230515105518.1
Update description:
Update to 113.0.1
Update to 113.0
Update to 112.0.2
firefox-stable-3820230515105518.1
Update to 113.0.1
Update to 113.0
Update to 112.0.2
edk2-20230301gitf80f052277c8-26.fc37
include latest dbx update (may 9th, black lotus edition).
drop ASSERT from NestedInterruptTplLib (rhbz#2183336).
USN-6060-1 fixed vulnerabilities in MySQL. The new upstream 8.0.33 version
introduced a regression on the armhf architecture. This update fixes the
problem.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL
5.7.42.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-42.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html
https://www.oracle.com/security-alerts/cpuapr2023.html
edk2-20230301gitf80f052277c8-26.fc38
include latest dbx update (may 9th, black lotus edition).
osslsigncode-2.5-3.el8
Update to latest version
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207,
CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215)
Irvan Kurniawan discovered that Thunderbird did not properly manage memory
when using RLBox Expat driver. An attacker could potentially exploits this
issue to cause a denial of service. (CVE-2023-32206)
libssh-0.10.5-1.fc37
Update to 0.10.5 (CVE-2023-1667 CVE-2023-2283)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.