OpenSSL Release (3.0.7)
Today, the OpenSSL Project released a new version of OpenSSL (v3.0.7). Last week's early announcement indicated at first this was a CRITICAL vulnerability and included...
DSA-5269 pypy3 – security update
Nicky Mouha discovered a buffer overflow in the sha3 module of PyPy, a fast, compliant alternative implementation of the Python language. Read More
xen-4.15.3-7.fc35
FEDORA-2022-99af00f60e Packages in this update: xen-4.15.3-7.fc35 Update description: Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310] Xenstore:...
dotnet6.0-6.0.110-2.fc35
FEDORA-2022-7ad73a633f Packages in this update: dotnet6.0-6.0.110-2.fc35 Update description: This is the October 2022 monthly update for .NET 6. It updates the SDK to 6.0.110 and...
dotnet6.0-6.0.110-2.fc36
FEDORA-2022-5f28fceec0 Packages in this update: dotnet6.0-6.0.110-2.fc36 Update description: This is the October 2022 monthly update for .NET 6. It updates the SDK to 6.0.110 and...
xen-4.16.2-3.fc36
FEDORA-2022-07438e12df Packages in this update: xen-4.16.2-3.fc36 Update description: x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327] Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] Xenstore: Guests...
openssl3-3.0.1-43.el8.1
FEDORA-EPEL-2022-e228f64914 Packages in this update: openssl3-3.0.1-43.el8.1 Update description: Security fix for CVE-2022-3602 and CVE-2022-3786 Read More
xen-4.16.2-3.fc37
FEDORA-2022-674b1243c2 Packages in this update: xen-4.16.2-3.fc37 Update description: x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327] Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] Xenstore: Guests...
CVE-2020-4099
The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker...
exim-4.96-4.el7
FEDORA-EPEL-2022-0ff028bdf5 Packages in this update: exim-4.96-4.el7 Update description: Fixed use after free in dmarc_dns_lookup (CVE-2022-3620). Read More