Category Archives: Advisories

Advisories

USN-5658-2: DHCP vulnerabilities

Read Time:27 Second

USN-5658-1 fixed vulnerabilities in DHCP. This update provides
the corresponding updates for Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that DHCP incorrectly handled option reference counting.
A remote attacker could possibly use this issue to cause DHCP servers to
crash, resulting in a denial of service. (CVE-2022-2928)

It was discovered that DHCP incorrectly handled certain memory operations.
A remote attacker could possibly use this issue to cause DHCP clients and
servers to consume resources, leading to a denial of service.
(CVE-2022-2929)

Read More

Advisories

USN-5715-1: LibRaw vulnerabilities

Read Time:14 Second

It was discovered that LibRaw incorrectly handled photo files. If a user or
automated system were tricked into processing a specially crafted photo
file, a remote attacker could cause applications linked against LibRaw to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Read More

Advisories

nodejs-16.18.1-1.fc35

Read Time:32 Second

FEDORA-2022-de515f765f

Packages in this update:

nodejs-16.18.1-1.fc35

Update description:

November 2022 Security Updates

https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/

September Security Updates for Node.js

Update to Node.js 16.17.0

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V16.md#16.17.0

Fix dependency typo

Update to 16.15.0

Update to Node.js 16.14.1

Note that we will be skipping 16.14.2 since the only changes were in the bundled copy of OpenSSL, which we do not use. The relevant security patches are handled in Fedora’s openssl package.

Read More

Advisories

nodejs-18.12.1-1.fc37

Read Time:23 Second

FEDORA-2022-1667f7b60a

Packages in this update:

nodejs-18.12.1-1.fc37

Update description:

November 2022 Security Updates

https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/

Update to 18.10.0

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.10.0

September Security Updates for Node.js

Update to 18.9.0

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.9.0

Read More

Advisories

nodejs-16.18.1-1.fc36

Read Time:32 Second

FEDORA-2022-52dec6351a

Packages in this update:

nodejs-16.18.1-1.fc36

Update description:

November 2022 Security Updates

https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/

September Security Updates for Node.js

Update to Node.js 16.17.0

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V16.md#16.17.0

Fix dependency typo

Update to 16.15.0

Update to Node.js 16.14.1

Note that we will be skipping 16.14.2 since the only changes were in the bundled copy of OpenSSL, which we do not use. The relevant security patches are handled in Fedora’s openssl package.

Read More

Advisories

etcd-3.5.5-1.fc38~bootstrap

Read Time:1 Minute, 8 Second

FEDORA-2022-28d38313c8

Packages in this update:

etcd-3.5.5-1.fc38~bootstrap

Update description:

Automatic update for etcd-3.5.5-1.fc38~bootstrap.

Changelog

* Sun Nov 6 2022 Robert-André Mauchin <zebob.m@gmail.com> 3.5.5-1
– Bootstrap
* Wed Aug 10 2022 Maxwell G <gotmax@e.email> 3.5.0-11
– Rebuild to fix FTBFS
* Wed Aug 10 2022 Maxwell G <gotmax@e.email> 3.5.0-10
– Rebuild to fix FTBFS
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> 3.5.0-9
– Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <gotmax@e.email> 3.5.0-8
– Rebuild for
CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
* Thu Jun 23 2022 Maxwell G <gotmax@e.email> 3.5.0-7
– Rebuild to mitigate CVE-2022-21698 (rhbz#2067400).
* Sun Jun 19 2022 Robert-André Mauchin <zebob.m@gmail.com> 3.5.0-6
– Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327,
CVE-2022-27191, CVE-2022-29526, CVE-2022-30629
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> 3.5.0-5
– Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

Read More