A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
Category Archives: Advisories
CVE-2018-5483
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2018-5494
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
vim-9.0.246-1.fc35
FEDORA-2022-3b33d04743
Packages in this update:
vim-9.0.246-1.fc35
Update description:
Security fixes for CVE-2022-2946, CVE-2022-2923, CVE-2022-2845, CVE-2022-2889
thunderbird-102.2.0-1.fc36
FEDORA-2022-33dd0f2f3e
Packages in this update:
thunderbird-102.2.0-1.fc36
Update description:
Update to 102.2.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2022-36/
thunderbird-102.2.0-1.fc35
FEDORA-2022-ddee3eb27c
Packages in this update:
thunderbird-102.2.0-1.fc35
Update description:
Update to 102.2.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2022-36/
webkit2gtk3-2.36.7-1.fc35
FEDORA-2022-ddfeee50c9
Packages in this update:
webkit2gtk3-2.36.7-1.fc35
Update description:
Update to 2.36.7:
Fix several crashes and rendering issues.
Security fixes: CVE-2022-32793
Add provides for webkit2gtk4.0
webkit2gtk3 is getting renamed to webkit2gtk4.0 in F37+. Add provides for the new names to make it easier for other packages to depend on webkitgtk without having to conditionalize their spec files.
webkit2gtk3-2.36.7-1.fc36
FEDORA-2022-eada5f24a0
Packages in this update:
webkit2gtk3-2.36.7-1.fc36
Update description:
Update to 2.36.7:
Fix several crashes and rendering issues.
Security fixes: CVE-2022-32793
subscription-manager-cockpit-4-1.fc36
FEDORA-2022-b9ef7c3c3c
Packages in this update:
subscription-manager-cockpit-4-1.fc36
Update description:
We provided new build of RPM subscription-manager-cockpit containing RHSM cockpit plugin. This new build should fix security issue described in following BZ:
subscription-manager-cockpit-4-1.fc37
FEDORA-2022-798fd95813
Packages in this update:
subscription-manager-cockpit-4-1.fc37
Update description:
We provided new build of RPM subscription-manager-cockpit containing RHSM cockpit plugin. This new build should fix security issue described in following BZ: