Read Time:7 Second
FEDORA-EPEL-2022-54e8e9bf3b
Packages in this update:
dropbear-2019.78-4.el8
Update description:
Backport fix for CVE-2020-36254, resolves rhbz#1933067
Category Archives: Advisories
dropbear-2017.75-2.el7
Read Time:10 Second
FEDORA-EPEL-2022-f0317a13d8
Packages in this update:
dropbear-2017.75-2.el7
Update description:
Backport fix for CVE-2018-15599, resolves rhbz#1623177
Backport fix for CVE-2020-36254, resolves rhbz#1933067
DSA-5241 wpewebkit – security update
Read Time:4 Second
The following vulnerabilities have been discovered in the WPE WebKit
web engine:
DSA-5240 webkit2gtk – security update
Read Time:3 Second
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
DSA-5243 lighttpd – security update
Read Time:4 Second
Several vulnerabilities were discovered in lighttpd, a fast webserver
with minimal memory footprint.
DSA-5242 maven-shared-utils – security update
Read Time:10 Second
It was discovered that the Commandline class in maven-shared-utils, a
collection of various utility classes for the Maven build system, can
emit double-quoted strings without proper escaping, allowing shell
injection attacks.
DSA-5244 chromium – security update
Read Time:7 Second
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
CVE-2021-41433
Read Time:9 Second
SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php.
openssl3-3.0.1-41.el8.1
Read Time:9 Second
FEDORA-EPEL-2022-3bebee4625
Packages in this update:
openssl3-3.0.1-41.el8.1
Update description:
Sync with CentOS Stream 9’s openssl to pick up CVE fixes
CVE-2021-27854
Read Time:10 Second
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.