An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
Category Archives: Advisories
CVE-2020-27799
A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27800
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27801 (upx)
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2018-5483
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2018-5494
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
vim-9.0.246-1.fc35
FEDORA-2022-3b33d04743
Packages in this update:
vim-9.0.246-1.fc35
Update description:
Security fixes for CVE-2022-2946, CVE-2022-2923, CVE-2022-2845, CVE-2022-2889
thunderbird-102.2.0-1.fc36
FEDORA-2022-33dd0f2f3e
Packages in this update:
thunderbird-102.2.0-1.fc36
Update description:
Update to 102.2.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2022-36/
thunderbird-102.2.0-1.fc35
FEDORA-2022-ddee3eb27c
Packages in this update:
thunderbird-102.2.0-1.fc35
Update description:
Update to 102.2.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2022-36/
webkit2gtk3-2.36.7-1.fc35
FEDORA-2022-ddfeee50c9
Packages in this update:
webkit2gtk3-2.36.7-1.fc35
Update description:
Update to 2.36.7:
Fix several crashes and rendering issues.
Security fixes: CVE-2022-32793
Add provides for webkit2gtk4.0
webkit2gtk3 is getting renamed to webkit2gtk4.0 in F37+. Add provides for the new names to make it easier for other packages to depend on webkitgtk without having to conditionalize their spec files.