FEDORA-2022-fc4c513d06
Packages in this update:
vim-9.0.1006-1.fc36
Update description:
The newest upstream commit
Security fix for CVE-2022-4141
Vim did not recognize key codes passed by Kitty
vim-9.0.1006-1.fc37
The newest upstream commit
Security fix for CVE-2022-4141
Vim did not recognize key codes passed by Kitty
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2022-2309)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
It was discovered that LibBPF incorrectly handled certain memory operations
under certain circumstances. An attacker could possibly use this issue to
cause LibBPF to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 22.10.
(CVE-2021-45940, CVE-2021-45941, CVE-2022-3533)
It was discovered that LibBPF incorrectly handled certain memory operations
under certain circumstances. An attacker could possibly use this issue to
cause LibBPF to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2022-3534, CVE-2022-3606)
xfce4-settings-4.16.5-2.el8
Fix for CVE-2022-45062 and misc other small bugfixes.
xfce4-settings-4.16.5-1.fc35
Fixes CVE-2022-45062 and misc other bugs.
A security issue was discovered in Chromium, which could result in the
execution of arbitrary code.
Jhead, a tool for manipulating EXIF data embedded in JPEG images, allowed
attackers to execute arbitrary OS commands by placing them in a JPEG filename
and then using the regeneration -rgt50, -autorot or -ce option. In addition, a
buffer overflow error in exif.c has been addressed which could lead to a denial
of service (application crash).
brotli-1.0.9-10.el7
Security fix for CVE-2020-8927
Prior to Apache Commons Net 3.9.0, Net’s FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.