Evgeny Vereshchagin discovered multiple vulnerabilities in D-Bus, a
simple interprocess messaging system, which may result in denial of
service by an authenticated user.
Category Archives: Advisories
DSA-5249 strongswan – security update
Lahav Schlesinger discovered a vulnerability in the revocation plugin of
strongSwan, an IKE/IPsec suite.
USN-5659-1: kitty vulnerabilities
Stephane Chauveau discovered that kitty incorrectly handled image
filenames with special characters in error messages. A remote
attacker could possibly use this to execute arbitrary commands.
This issue only affected Ubuntu 20.04 LTS. (CVE-2020-35605)
Carter Sande discovered that kitty incorrectly handled escape
sequences in desktop notifications. A remote attacker could possibly
use this to execute arbitrary commands. This issue only affected
Ubuntu 22.04 LTS. (CVE-2022-41322)
USN-5657-1: Graphite2 vulnerability
It was discovered that Graphite2 mishandled specially crafted files. An
attacker could possibly use this issue to cause a denial of service or
other unspecified impact.
python3-mod_wsgi-4.7.1-3.el7
FEDORA-EPEL-2022-3f600666f9
Packages in this update:
python3-mod_wsgi-4.7.1-3.el7
Update description:
Backported fix for CVE-2022-2255
python3.6-3.6.15-13.fc38
FEDORA-2022-3bc8e7f017
Packages in this update:
python3.6-3.6.15-13.fc38
Update description:
Automatic update for python3.6-3.6.15-13.fc38.
Changelog
* Wed Oct 5 2022 Victor Stinner <vstinner@python.org> – 3.6.15-13
– Prevent denial of service (DoS) by very large integers.
Resolves: rhbz#1834423
nodejs-18.10.0-1.fc37
FEDORA-2022-d84d27c5ad
Packages in this update:
nodejs-18.10.0-1.fc37
Update description:
Update to 18.10.0
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.10.0
September Security Updates for Node.js
Update to 18.9.0
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.9.0
USN-5658-1: DHCP vulnerabilities
It was discovered that DHCP incorrectly handled option reference counting.
A remote attacker could possibly use this issue to cause DHCP servers to
crash, resulting in a denial of service. (CVE-2022-2928)
It was discovered that DHCP incorrectly handled certain memory operations.
A remote attacker could possibly use this issue to cause DHCP clients and
servers to consume resources, leading to a denial of service.
(CVE-2022-2929)
golang-1.18.7-1.fc36
FEDORA-2022-0e313cc582
Packages in this update:
golang-1.18.7-1.fc36
Update description:
This release includes security fixes to the archive/tar, net/http/httputil, and regexp packages, as well as bug fixes to the compiler, the linker, and the go/types package. See the Go 1.18.7 milestone on the issue tracker for details.
golang-1.19.2-1.fc37
FEDORA-2022-59a20edab2
Packages in this update:
golang-1.19.2-1.fc37
Update description:
This release includes security fixes to the archive/tar, net/http/httputil, and regexp packages, as well as bug fixes to the compiler, the linker, the runtime, and the go/types package. See the Go 1.19.2 milestone on the issue tracker for details.