It was discovered that parsing errors in the mp4 module of Nginx, a
high-performance web and reverse proxy server, could result in denial
of service, memory disclosure or potentially the execution of arbitrary
code when processing a malformed mp4 file.
python3.8-3.8.15-2.fc35
Security fix for CVE-2022-37454
python3.7-3.7.15-2.fc37
Security fix for CVE-2022-37454
python3.7-3.7.15-2.fc38
Automatic update for python3.7-3.7.15-2.fc38.
* Mon Nov 14 2022 Miro Hrončok <mhroncok@redhat.com> – 3.7.15-2
– CVE-2022-37454: Fix buffer overflows in _sha3 module
Related: rhbz#2140200
python3.8-3.8.15-2.fc37
Security fix for CVE-2022-37454
python3.8-3.8.15-2.fc38
Automatic update for python3.8-3.8.15-2.fc38.
* Mon Nov 14 2022 Miro Hrončok <mhroncok@redhat.com> – 3.8.15-2
– CVE-2022-37454: Fix buffer overflows in _sha3 module
Related: rhbz#2140200
elixir-1.14.2-1.fc37
Small bugfix release – no breaking changes here.
varnish-7.0.3-2.fc36
This release includes fix for CVE-2022-45059 (VSV00010) and CVE-2022-45060 (VSV00011). From the upstream release notes:
VSV00010 Varnish Request Smuggling Vulnerability
Date: 2022-11-08
A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. Among the headers that can be filtered this way are both Content-Length and Host, making it possible for an attacker to both break the HTTP/1 protocol framing, and bypass request to host routing in VCL.
VSV00011 Varnish HTTP/2 Request Forgery Vulnerability
Date: 2022-11-08
A request forgery attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker may introduce characters through the HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This may in turn be used to successfully exploit vulnerabilities in a server behind the Varnish server.
It was discovered that Vim could be made to crash when searching specially
crafted patterns. An attacker could possibly use this to crash Vim and
cause denial of service. (CVE-2022-1674)
It was discovered that there existed a NULL pointer dereference in Vim. An
attacker could possibly use this to crash Vim and cause denial of service.
(CVE-2022-1725)
It was discovered that there existed a buffer over-read in Vim when
searching specially crafted patterns. An attacker could possibly use this
to crash Vim and cause denial of service. (CVE-2022-2124)
It was discovered that there existed a heap buffer overflow in Vim when
auto-indenting lisp. An attacker could possibly use this to crash Vim and
cause denial of service. (CVE-2022-2125)
It was discovered that there existed an out of bounds read in Vim when
performing spelling suggestions. An attacker could possibly use this to
crash Vim and cause denial of service. (CVE-2022-2126)
It was discovered that Vim accessed invalid memory when executing specially
crafted command line expressions. An attacker could possibly use this to
crash Vim, access or modify memory, or execute arbitrary commands.
(CVE-2022-2175)
It was discovered that there existed an out-of-bounds read in Vim when
auto-indenting lisp. An attacker could possibly use this to crash Vim,
access or modify memory, or execute arbitrary commands. (CVE-2022-2183)
It was discovered that Vim accessed invalid memory when terminal size
changed. An attacker could possibly use this to crash Vim, access or modify
memory, or execute arbitrary commands. (CVE-2022-2206)
It was discovered that there existed a stack buffer overflow in Vim’s
spelldump. An attacker could possibly use this to crash Vim and cause
denial of service. (CVE-2022-2304)
A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.
