USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix
for CVE-2022-22817 was incomplete. This update fixes the problem.

Original advisory details:

It was discovered that Pillow incorrectly handled certain image files. If a
user or automated system were tricked into opening a specially-crafted
file, a remote attacker could cause Pillow to hang, resulting in a denial
of service. (CVE-2021-23437)

It was discovered that Pillow incorrectly handled certain image files. If a
user or automated system were tricked into opening a specially-crafted
file, a remote attacker could cause Pillow to crash, resulting in a denial
of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 21.04. (CVE-2021-34552)

It was discovered that Pillow incorrectly handled certain image files. If a
user or automated system were tricked into opening a specially-crafted
file, a remote attacker could cause Pillow to crash, resulting in a denial
of service, or possibly execute arbitrary code. (CVE-2022-22815)

It was discovered that Pillow incorrectly handled certain image files. If a
user or automated system were tricked into opening a specially-crafted
file, a remote attacker could cause Pillow to crash, resulting in a denial
of service. (CVE-2022-22816)

It was discovered that Pillow incorrectly handled certain image files. If a
user or automated system were tricked into opening a specially-crafted
file, a remote attacker could cause Pillow to crash, resulting in a denial
of service, or possibly execute arbitrary code. (CVE-2022-22817)

Read More

FEDORA-FLATPAK-2022-5de56405c8

Packages in this update:

firefox-stable-3720221024085224.1

Update description:

Firefox 106.0.1 release. For details, see https://www.mozilla.org/en-US/firefox/106.0.1/releasenotes/

Firefox 106.0 release. For details, see https://www.mozilla.org/en-US/firefox/106.0/releasenotes/

Read More

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
Ubuntu 18.04 LTS has been updated to MySQL 5.7.40.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-40.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-31.html
https://www.oracle.com/security-alerts/cpuoct2022.html

Read More

FEDORA-2022-a648a9484f

Packages in this update:

firefox-106.0.1-1.fc36

Update description:

New upstream version (106.0.1)

Read More

FEDORA-2022-8bff5db98e

Packages in this update:

firefox-106.0.1-1.fc37

Update description:

New upstream version (106.0.1)

Read More

FEDORA-2022-0ceb96f561

Packages in this update:

firefox-106.0.1-1.fc35

Update description:

New upstream version (106.0.1)

Read More

FEDORA-MODULAR-2022-a4fedd764b

Packages in this update:

mariadb-10.9-3720221023053557.F37

Update description:

MariaDB 10.9.3

Read More

FEDORA-MODULAR-2022-a95c1a5aa9

Packages in this update:

mariadb-10.9-3520221023053557.F35

Update description:

MariaDB 10.9.3

Read More

FEDORA-MODULAR-2022-17c36cfee5

Packages in this update:

mariadb-10.9-3620221023053557.F36

Update description:

MariaDB 10.9.3

Read More

FEDORA-MODULAR-2022-0ede6d5afa

Packages in this update:

mariadb-10.8-3620221023061040.5e5ad4a0

Update description:

MariaDB 10.8.5

Read More