Category Archives: Advisories

Update to 9.30
Strip package back to just be the -terminfo file.
This is due to CVE-2022-4170: unaffected versions of rxvt-unicode (that is, libptytty) don’t build on epel7.

Advisories

rxvt-unicode-9.30-1.el7

December 16, 2022

Read Time:15 Second

FEDORA-EPEL-2022-e187f1231f

Packages in this update:

rxvt-unicode-9.30-1.el7

Update description:

Update to 9.30
Strip package back to just be the -terminfo file.
This is due to CVE-2022-4170: unaffected versions of rxvt-unicode (that is, libptytty) don’t build on epel7.

Advisories

USN-5783-1: Linux kernel (OEM) vulnerability

December 16, 2022

Read Time:12 Second

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.

Advisories

CVE-2021-35252 (serv-u)

December 16, 2022

Read Time:10 Second

Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.

Advisories

CVE-2021-28655

December 16, 2022

Read Time:11 Second

The improper Input Validation vulnerability in “â€�Move folder to Trashâ€� feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

Advisories