Read Time:12 Second
FEDORA-2022-311128dd7e
Packages in this update:
freeipa-4.10.1-2.fc38
krb5-1.20.1-2.fc38
samba-4.17.3-2.fc38
Update description:
Rebuild FreeIPA and Samba AD to use krb5 1.20.1
Category Archives: Advisories
USN-5743-2: LibTIFF vulnerability
Read Time:24 Second
USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the
corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS and Ubuntu 22.10.
Original advisory details:
It was discovered that LibTIFF incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a specially
crafted image, a remote attacker could crash the application, leading to a
denial of service, or possibly execute arbitrary code with user privileges.
USN-5754-1: Linux kernel vulnerabilities
Read Time:1 Minute, 31 Second
It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-43945)
It was discovered that a a memory leak existed in the IPv6 implementation
of the Linux kernel. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2022-3524)
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-3564)
It was discovered that the ISDN implementation of the Linux kernel
contained a use-after-free vulnerability. A privileged user could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3565)
It was discovered that the TCP implementation in the Linux kernel contained
a data race condition. An attacker could possibly use this to cause
undesired behaviors. (CVE-2022-3566)
It was discovered that the IPv6 implementation in the Linux kernel
contained a data race condition. An attacker could possibly use this to
cause undesired behaviors. (CVE-2022-3567)
It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in
the Linux kernel did not properly handle certain error conditions. A local
attacker with physical access could plug in a specially crafted USB device
to cause a denial of service (memory exhaustion). (CVE-2022-3594)
It was discovered that a null pointer dereference existed in the NILFS2
file system implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash). (CVE-2022-3621)
krb5-1.20.1-1.fc38
Read Time:49 Second
FEDORA-2022-8050ab2c35
Packages in this update:
krb5-1.20.1-1.fc38
Update description:
Automatic update for krb5-1.20.1-1.fc38.
Changelog
* Wed Nov 23 2022 Julien Rische <jrische@redhat.com> – 1.20.1-1
– New upstream version (1.20.1)
– Resolves: rhbz#2124463
– Restore “supportedCMSTypes” attribute in PKINIT preauth requests
– Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms
– Resolves: rhbz#2114766
– Update error checking for OpenSSL CMS_verify
– Resolves: rhbz#2119704
– Remove invalid password expiry warning
– Resolves: rhbz#2129113
* Wed Nov 9 2022 Julien Rische <jrische@redhat.com> – 1.19.2-13
– Fix integer overflows in PAC parsing (CVE-2022-42898)
– Resolves: rhbz#2143011
* Tue Aug 2 2022 Andreas Schneider <asn@redhat.com> – 1.19.2-12
– Use baserelease to set the release number
– Do not define netlib, but use autoconf detection for res_* functions
– Add missing BR for resolv_wrapper to run t_discover_uri.py
mujs-1.3.2-1.fc38
Read Time:19 Second
FEDORA-2022-142872d895
Packages in this update:
mujs-1.3.2-1.fc38
Update description:
Automatic update for mujs-1.3.2-1.fc38.
Changelog
* Thu Dec 1 2022 Alain Vigne <avigne@fedoraproject.org> 1.3.2-1
– upstream release 1.3.2
– Fix CVE-2022-44789 (rhbz#2148261)
– Fix CVE-2022-30975 (rhbz#2088596)
– Fix CVE-2022-30974 (rhbz#2088591)
CVE-2022-1471
Read Time:12 Second
SnakeYaml’s Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml’s SafeConsturctor when parsing untrusted content to restrict deserialization.
snapd-2.57.6-1.el7
Read Time:11 Second
FEDORA-EPEL-2022-058d69433a
Packages in this update:
snapd-2.57.6-1.el7
Update description:
Update to the latest upstream release 2.57.6. Includes fixes for CVE 2022-3328.
Update to 2.56.2
snapd-2.57.6-1.el9
Read Time:9 Second
FEDORA-EPEL-2022-48ffd03f66
Packages in this update:
snapd-2.57.6-1.el9
Update description:
Update to the latest upstream release 2.57.6. Includes fixes for CVE 2022-3328.
snapd-2.57.6-1.el8
Read Time:9 Second
FEDORA-EPEL-2022-d9f41aade7
Packages in this update:
snapd-2.57.6-1.el8
Update description:
Update to the latest upstream release 2.57.6. Includes fixes for CVE 2022-3328.
snapd-2.57.6-1.fc36
Read Time:9 Second
FEDORA-2022-8268fa6877
Packages in this update:
snapd-2.57.6-1.fc36
Update description:
Update to the latest upstream release 2.57.6. Includes fixes for CVE 2022-3328