Read Time:11 Second
FEDORA-MODULAR-2022-87965d9e1f
Packages in this update:
mariadb-10.5-3520221121091939.f27b74a8
Update description:
MariaDB 10.5.18 & Galera 26.4.13
Release notes:
Category Archives: Advisories
USN-5737-1: APR-util vulnerability
Read Time:12 Second
It was discovered that APR-util did not properly handle memory when using
SDBM database files. A local attacker with write access to the database
can make a program or process using these functions crash, and cause a
denial of service.
firefox-107.0-3.fc37
Read Time:6 Second
FEDORA-2022-b95f6a2db1
Packages in this update:
firefox-107.0-3.fc37
Update description:
New upstream version (107.0)
firefox-107.0-3.fc35
Read Time:6 Second
FEDORA-2022-269b27bdbc
Packages in this update:
firefox-107.0-3.fc35
Update description:
New upstream version (107.0)
firefox-107.0-3.fc36
Read Time:6 Second
FEDORA-2022-2321894a60
Packages in this update:
firefox-107.0-3.fc36
Update description:
New upstream version (107.0)
CVE-2021-46854 (proftpd)
Read Time:6 Second
mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.
libetpan-1.9.4-9.fc35
Read Time:20 Second
FEDORA-2022-df2f4923ea
Packages in this update:
libetpan-1.9.4-9.fc35
Update description:
A potential bug is found on libetpan that when IMAP client receives invalid STATUS response, an invalid free can occur on mailimap_mailbox_data_status_free(). This bug is now assigned as CVE-2022-4121. Although the formal fix is under discussion, this update rpm adds a quick fix for this issue.
libetpan-1.9.4-9.fc36
Read Time:20 Second
FEDORA-2022-de3e565494
Packages in this update:
libetpan-1.9.4-9.fc36
Update description:
A potential bug is found on libetpan that when IMAP client receives invalid STATUS response, an invalid free can occur on mailimap_mailbox_data_status_free(). This bug is now assigned as CVE-2022-4121. Although the formal fix is under discussion, this update rpm adds a quick fix for this issue.
libetpan-1.9.4-9.fc37
Read Time:20 Second
FEDORA-2022-f092bc8f7b
Packages in this update:
libetpan-1.9.4-9.fc37
Update description:
A potential bug is found on libetpan that when IMAP client receives invalid STATUS response, an invalid free can occur on mailimap_mailbox_data_status_free(). This bug is now assigned as CVE-2022-4121. Although the formal fix is under discussion, this update rpm adds a quick fix for this issue.
ZDI-22-1664: SolarWinds Network Performance Monitor DeserializeFromStrippedXml Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability.