Several issues were found in GRUB2’s font handling code, which could
result in crashes and potentially execution of arbitrary code. These
could lead to bypass of UEFI Secure Boot on affected systems.
DSA-5281 nginx – security update
It was discovered that parsing errors in the mp4 module of Nginx, a
high-performance web and reverse proxy server, could result in denial
of service, memory disclosure or potentially the execution of arbitrary
code when processing a malformed mp4 file.
python3.8-3.8.15-2.fc35
FEDORA-2022-7798bf3aa3
Packages in this update:
python3.8-3.8.15-2.fc35
Update description:
Security fix for CVE-2022-37454
python3.7-3.7.15-2.fc37
FEDORA-2022-4f547d1cc6
Packages in this update:
python3.7-3.7.15-2.fc37
Update description:
Security fix for CVE-2022-37454
python3.7-3.7.15-2.fc38
FEDORA-2022-792bd23738
Packages in this update:
python3.7-3.7.15-2.fc38
Update description:
Automatic update for python3.7-3.7.15-2.fc38.
Changelog
* Mon Nov 14 2022 Miro Hrončok <mhroncok@redhat.com> - 3.7.15-2
- CVE-2022-37454: Fix buffer overflows in _sha3 module
Related: rhbz#2140200
python3.8-3.8.15-2.fc37
FEDORA-2022-cb47d98a05
Packages in this update:
python3.8-3.8.15-2.fc37
Update description:
Security fix for CVE-2022-37454
python3.8-3.8.15-2.fc38
FEDORA-2022-eda83be115
Packages in this update:
python3.8-3.8.15-2.fc38
Update description:
Automatic update for python3.8-3.8.15-2.fc38.
Changelog
* Mon Nov 14 2022 Miro Hrončok <mhroncok@redhat.com> - 3.8.15-2
- CVE-2022-37454: Fix buffer overflows in _sha3 module
Related: rhbz#2140200
elixir-1.14.2-1.fc37
FEDORA-2022-be7abff81b
Packages in this update:
elixir-1.14.2-1.fc37
Update description:
Small bugfix release – no breaking changes here.
varnish-7.0.3-2.fc36
FEDORA-2022-babfbc2622
Packages in this update:
varnish-7.0.3-2.fc36
Update description:
This release includes fixes for CVE-2022-45059 (VSV00010) and CVE-2022-45060 (VSV00011). From the upstream release notes:
VSV00010 Varnish Request Smuggling Vulnerability
Date: 2022-11-08
A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. Among the headers that can be filtered this way are both Content-Length and Host, making it possible for an attacker to both break the HTTP/1 protocol framing, and bypass request to host routing in VCL.
VSV00011 Varnish HTTP/2 Request Forgery Vulnerability
Date: 2022-11-08
A request forgery attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker may introduce characters through the HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This may in turn be used to successfully exploit vulnerabilities in a server behind the Varnish server.
USN-5723-1: Vim vulnerabilities
It was discovered that Vim could be made to crash when searching specially
crafted patterns. An attacker could possibly use this to crash Vim and
cause denial of service. (CVE-2022-1674)
It was discovered that there existed a NULL pointer dereference in Vim. An
attacker could possibly use this to crash Vim and cause denial of service.
(CVE-2022-1725)
It was discovered that there existed a buffer over-read in Vim when
searching specially crafted patterns. An attacker could possibly use this
to crash Vim and cause denial of service. (CVE-2022-2124)
It was discovered that there existed a heap buffer overflow in Vim when
auto-indenting lisp. An attacker could possibly use this to crash Vim and
cause denial of service. (CVE-2022-2125)
It was discovered that there existed an out of bounds read in Vim when
performing spelling suggestions. An attacker could possibly use this to
crash Vim and cause denial of service. (CVE-2022-2126)
It was discovered that Vim accessed invalid memory when executing specially
crafted command line expressions. An attacker could possibly use this to
crash Vim, access or modify memory, or execute arbitrary commands.
(CVE-2022-2175)
It was discovered that there existed an out-of-bounds read in Vim when
auto-indenting lisp. An attacker could possibly use this to crash Vim,
access or modify memory, or execute arbitrary commands. (CVE-2022-2183)
It was discovered that Vim accessed invalid memory when terminal size
changed. An attacker could possibly use this to crash Vim, access or modify
memory, or execute arbitrary commands. (CVE-2022-2206)
It was discovered that there existed a stack buffer overflow in Vim’s
spelldump. An attacker could possibly use this to crash Vim and cause
denial of service. (CVE-2022-2304)