FEDORA-2022-b49c9bc07a

Packages in this update:

chromium-105.0.5195.125-2.fc36

Update description:

Update to chromium-105.0.5195.125. This package only has minor changes… ah, just kidding. Here is the pile of security issues it fixes:

CVE-2022-2007 CVE-2022-2008 CVE-2022-2010 CVE-2022-2011 CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612 CVE-2022-2613 CVE-2022-2614 CVE-2022-2615 CVE-2022-2616 CVE-2022-2617 CVE-2022-2618 CVE-2022-2619 CVE-2022-2620 CVE-2022-2621 CVE-2022-2622 CVE-2022-2623 CVE-2022-2624 CVE-2022-2852 CVE-2022-2854 CVE-2022-2855 CVE-2022-2857 CVE-2022-2858 CVE-2022-2853 CVE-2022-2856 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861 CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 CVE-2022-3042 CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 CVE-2022-3046 CVE-2022-3071 CVE-2022-3047 CVE-2022-3048 CVE-2022-3049 CVE-2022-3050 CVE-2022-3051 CVE-2022-3052 CVE-2022-3053 CVE-2022-3054 CVE-2022-3055 CVE-2022-3056 CVE-2022-3057 CVE-2022-3058 CVE-2022-3075 CVE-2022-3195 CVE-2022-3196 CVE-2022-3197 CVE-2022-3198 CVE-2022-3199 CVE-2022-3200 CVE-2022-3201

Read More

The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not validate user input in any way, which could allow unauthenticated users to put arbitrary PHP code in a file

Read More

FEDORA-2022-d7d49b2fac

Packages in this update:

postgresql-jdbc-42.3.1-4.fc36

Update description:

Security fix for CVE-2022-31197

Read More

FEDORA-2022-cdeabe1bc0

Packages in this update:

postgresql-jdbc-42.2.26-1.fc35

Update description:

Security fix for CVE-2022-31197.

Read More

FEDORA-2022-1f8312716f

Packages in this update:

firefox-105.0.1-1.fc35

Update description:

Update to latest upstream (105.0.1)

Read More

FEDORA-2022-25e330a435

Packages in this update:

firefox-105.0.1-1.fc37

Update description:

Update to latest upstream (105.0.1)

Read More

FEDORA-2022-38179cd087

Packages in this update:

firefox-105.0.1-1.fc36

Update description:

Update to latest upstream (105.0.1)

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Read More

FEDORA-2022-3dd3274ae2

Packages in this update:

libdxfrw-1.1.0-0.1.rc1.fc35
librecad-2.2.0-0.15.rc4.fc35

Update description:

Update to 2.2.0 RC4.

Update librecad to 2.2.0 rc3. Apply fixes to libdxfrw and librecad for CVE-2021-45341, CVE-2021-45342, CVE-2021-45343. This also resolves the issue where some dwg files no longer opened.

Read More