It was discovered that DHCP incorrectly handled option reference counting.
A remote attacker could possibly use this issue to cause DHCP servers to
crash, resulting in a denial of service. (CVE-2022-2928)
It was discovered that DHCP incorrectly handled certain memory operations.
A remote attacker could possibly use this issue to cause DHCP clients and
servers to consume resources, leading to a denial of service.
(CVE-2022-2929)
golang-1.18.7-1.fc36
This release includes security fixes to the archive/tar, net/http/httputil, and regexp packages, as well as bug fixes to the compiler, the linker, and the go/types package. See the Go 1.18.7 milestone on the issue tracker for details.
golang-1.19.2-1.fc37
This release includes security fixes to the archive/tar, net/http/httputil, and regexp packages, as well as bug fixes to the compiler, the linker, the runtime, and the go/types package. See the Go 1.19.2 milestone on the issue tracker for details.
luajit-2.0.5-1.20220913.46e62cd.el7
Update to latest snapshot of 2.0 branch
Fixes CVE-2020-15890, resolves rhbz#1860331
Fixes CVE-2020-24372, resolves rhbz#1870308
firefox-stable-3620221005130001.1
flatpak-runtime-f36-3620220917002532.2
flatpak-sdk-f36-3620220917002532.2
firefox 105.0.2 release, together with required flatpak runtime update.
poppler-22.08.0-2.fc37
Security fix for CVE-2022-38784
poppler-21.08.0-3.fc35
Security fix for CVE-2022-38784
poppler-22.01.0-6.fc36
Security fix for CVE-2022-38784
git-lfs-2.10.0-2.el7
Rebuild with current EPEL 7 golang
Fixes CVE-2022-24675, resolves rhbz#2084673
Fixes CVE-2022-28327, resolves rhbz#2084854
Fixes CVE-2021-38297, resolves rhbz#2118476
Sync build steps with RHEL8/RHEL9
Add pre-generated manpages, resolves rhbz#1934043
Add provides for bundled golang libraries
Redirect scriptlet output to /dev/null
Joseph Yasi discovered that JACK incorrectly handled the closing of a socket
in certain conditions. An attacker could potentially use this issue to
cause a crash.
