FEDORA-EPEL-2022-157b128a28
Packages in this update:
exim-4.96-4.el9
Update description:
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-4.el9
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-5.fc35
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
exim-4.96-5.fc36
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
openssl-3.0.5-2.fc36
Security fix for CVE-2022-3602 and CVE-2022-3786
mingw-gcc-11.2.1-6.fc36
Backport fixes for CVE-2021-3826 and CVE-2022-27943.
exim-4.96-5.fc37
Fixed use after free in dmarc_dns_lookup (CVE-2022-3620).
openssl-3.0.5-3.fc37
Security fix for CVE-2022-3602 and CVE-2022-3786
It was discovered that OpenSSL incorrectly handled certain X.509 Email
Addresses. If a certificate authority were tricked into signing a
specially-crafted certificate, a remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. The
default compiler options for affected releases reduce the vulnerability to
a denial of service. (CVE-2022-3602, CVE-2022-3786)
It was discovered that OpenSSL incorrectly handled applications creating
custom ciphers via the legacy EVP_CIPHER_meth_new() function. This issue
could cause certain applications that mishandled values to the function to
possibly end up with a NULL cipher and messages in plaintext.
(CVE-2022-3358)
mediawiki-1.37.6-1.fc36
https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/DMQKMFSH4K7KLBXWZTDBGI2PWLLHJHJZ/
https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/SPYFDCGZE7KJNO73ET7QVSUXMHXVRFTE/
mediawiki-1.38.4-1.fc37
php-oojs-oojs-ui-0.43.2-1.fc37
php-wikimedia-assert-0.5.1-1.fc37
php-wikimedia-cdb-2.0.0-8.fc37
https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/DMQKMFSH4K7KLBXWZTDBGI2PWLLHJHJZ/
https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/SPYFDCGZE7KJNO73ET7QVSUXMHXVRFTE/