Two vulnerabilities were discovered in poppler, a PDF rendering library,
which could result in denial of service or the execution of arbitrary
code if a malformed PDF file or JBIG2 image is processed.
Category Archives: Advisories
open-vm-tools-12.0.5-3.fc35
FEDORA-2022-9a73b28b96
Packages in this update:
open-vm-tools-12.0.5-3.fc35
Update description:
Security fix for CVE-2022-31676
CVE-2021-28398
A privileged attacker in GeoNetwork before 3.12.0 and 4.x before 4.0.4 can use the directory harvester before-script to execute arbitrary OS commands remotely on the hosting infrastructure. A User Administrator or Administrator account is required to perform this. This occurs in the runBeforeScript method in harvesters/src/main/java/org/fao/geonet/kernel/harvest/harvester/localfilesystem/LocalFilesystemHarvester.java. The earliest affected version is 3.4.0.
open-vm-tools-12.0.5-3.fc36
FEDORA-2022-cd23eac6f4
Packages in this update:
open-vm-tools-12.0.5-3.fc36
Update description:
Security fix for CVE-2022-31676
open-vm-tools-12.0.5-3.fc37
FEDORA-2022-20d374ce8f
Packages in this update:
open-vm-tools-12.0.5-3.fc37
Update description:
Security fix for CVE-2022-31676
ZDI-22-1184: ManageEngine OpManager Plus getDNSResolveOption Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine OpManager Plus. Authentication is required to exploit this vulnerability.
flatpak-runtime-f36-3620220904192323.1 flatpak-sdk-f36-3620220904192323.1
FEDORA-FLATPAK-2022-0a5e38ea4c
Packages in this update:
flatpak-runtime-f36-3620220904192323.1
flatpak-sdk-f36-3620220904192323.1
Update description:
Updated flatpak runtime and SDK, including latest Fedora 36 security and bug-fix errata.
In addition to regular package updates, this also adds openssl1.1 to the runtime (required by python2.7 in the gimp flatpak).
libapreq2-2.17-1.fc35
FEDORA-2022-cf658a432f
Packages in this update:
libapreq2-2.17-1.fc35
Update description:
Fix CVE-2022-22728.
libapreq2-2.17-1.fc36
FEDORA-2022-61f5b492b7
Packages in this update:
libapreq2-2.17-1.fc36
Update description:
Fix CVE-2022-22728.
libapreq2-2.17-1.fc37
FEDORA-2022-9e5046934e
Packages in this update:
libapreq2-2.17-1.fc37
Update description:
Fix CVE-2022-22728.