Category Archives: Advisories

weechat-3.6-1.el8

Read Time:33 Second

FEDORA-EPEL-2022-56709b917a

Packages in this update:

weechat-3.6-1.el8

Update description:

add command “/item” to create custom bar items
add bar item “spacer”
add case conversion in evaluation of expressions with “lower:string” and “upper:string”
move detailed list of hooks from command “/plugin listfull” to “/debug hooks “
allow to remove multiple filters at once with command “/filter del”
allow to catch multiple signals in functions hook_signal and hook_hsignal
rename option “save” to “apply” in IRC command “/autojoin”
add support of RPL_HELPSTART, RPL_HELPTXT and RPL_ENDOFHELP (IRC messages 524, 704, 705, 706)
add support of PHP 8.2
many bugs fixed.

Read More

weechat-3.6-1.fc37

Read Time:33 Second

FEDORA-2022-88252e4f80

Packages in this update:

weechat-3.6-1.fc37

Update description:

add command “/item” to create custom bar items
add bar item “spacer”
add case conversion in evaluation of expressions with “lower:string” and “upper:string”
move detailed list of hooks from command “/plugin listfull” to “/debug hooks “
allow to remove multiple filters at once with command “/filter del”
allow to catch multiple signals in functions hook_signal and hook_hsignal
rename option “save” to “apply” in IRC command “/autojoin”
add support of RPL_HELPSTART, RPL_HELPTXT and RPL_ENDOFHELP (IRC messages 524, 704, 705, 706)
add support of PHP 8.2
many bugs fixed.

Read More

weechat-3.6-1.fc36

Read Time:33 Second

FEDORA-2022-b81c4781af

Packages in this update:

weechat-3.6-1.fc36

Update description:

add command “/item” to create custom bar items
add bar item “spacer”
add case conversion in evaluation of expressions with “lower:string” and “upper:string”
move detailed list of hooks from command “/plugin listfull” to “/debug hooks “
allow to remove multiple filters at once with command “/filter del”
allow to catch multiple signals in functions hook_signal and hook_hsignal
rename option “save” to “apply” in IRC command “/autojoin”
add support of RPL_HELPSTART, RPL_HELPTXT and RPL_ENDOFHELP (IRC messages 524, 704, 705, 706)
add support of PHP 8.2
many bugs fixed.

Read More

weechat-3.6-1.el9

Read Time:33 Second

FEDORA-EPEL-2022-1c6c522b07

Packages in this update:

weechat-3.6-1.el9

Update description:

add command “/item” to create custom bar items
add bar item “spacer”
add case conversion in evaluation of expressions with “lower:string” and “upper:string”
move detailed list of hooks from command “/plugin listfull” to “/debug hooks “
allow to remove multiple filters at once with command “/filter del”
allow to catch multiple signals in functions hook_signal and hook_hsignal
rename option “save” to “apply” in IRC command “/autojoin”
add support of RPL_HELPSTART, RPL_HELPTXT and RPL_ENDOFHELP (IRC messages 524, 704, 705, 706)
add support of PHP 8.2
many bugs fixed.

Read More

USN-5660-1: Linux kernel (GCP) vulnerabilities

Read Time:1 Minute, 12 Second

It was discovered that the framebuffer driver on the Linux kernel did not
verify size limits when changing font or screen size, leading to an out-of-
bounds write. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-33655)

Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation
in the Linux kernel did not provide sufficient randomization when
calculating port offsets. An attacker could possibly use this to expose
sensitive information. (CVE-2022-1012, CVE-2022-32296)

Norbert Slusarek discovered that a race condition existed in the perf
subsystem in the Linux kernel, resulting in a use-after-free vulnerability.
A privileged local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-1729)

It was discovered that the device-mapper verity (dm-verity) driver in the
Linux kernel did not properly verify targets being loaded into the device-
mapper table. A privileged attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2022-2503)

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter
subsystem in the Linux kernel did not properly handle rules that truncated
packets below the packet header size. When such rules are in place, a
remote attacker could possibly use this to cause a denial of service
(system crash). (CVE-2022-36946)

Read More

USN-5659-1: kitty vulnerabilities

Read Time:21 Second

Stephane Chauveau discovered that kitty incorrectly handled image
filenames with special characters in error messages. A remote
attacker could possibly use this to execute arbitrary commands.
This issue only affected Ubuntu 20.04 LTS. (CVE-2020-35605)

Carter Sande discovered that kitty incorrectly handled escape
sequences in desktop notifications. A remote attacker could possibly
use this to execute arbitrary commands. This issue only affected
Ubuntu 22.04 LTS. (CVE-2022-41322)

Read More