Sandipan Roy discovered two vulnerabilities in InfoZIP’s unzip program,
a de-archiver for .zip files, which could result in denial of service
or potentially the execution of arbitrary code.

Read More

It was discovered that libtirpc, a transport-independent RPC library,
does not properly handle idle TCP connections. A remote attacker can
take advantage of this flaw to cause a denial of service.

Read More

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

Read More

FEDORA-2022-163bcf190f

Packages in this update:

rust-ffsend-0.2.76-2.fc36

Update description:

Rebuild against websocket 0.26.5 for CVE-2022-35922 / RUSTSEC-2022-0035.

Read More

FEDORA-2022-dfa24fa7d4

Packages in this update:

rust-ffsend-0.2.71-3.fc35

Update description:

Rebuild against websocket 0.26.5 for CVE-2022-35922 / RUSTSEC-2022-0035.

Read More

FEDORA-2022-4279e6c668

Packages in this update:

firefox-103.0.1-2.fc35

Update description:

Enabled VA-API by default
Fixed arm builds by G. Hojda

Update to latest upstream (103.0.1)

Read More

Jan-Niklas Sohn discovered that multiple input validation failures in
the Xkb extension of the X.org X server may result in privilege
escalation if the X server is running privileged.

Read More

FEDORA-2022-ce4719993c

Packages in this update:

rubygem-rails-html-sanitizer-1.4.3-1.fc35

Update description:

Update to rails-html-sanitizer 1.4.3.

Read More

FEDORA-2022-974fffb418

Packages in this update:

rubygem-rails-html-sanitizer-1.4.3-1.fc36

Update description:

Update to rails-html-sanitizer 1.4.3.

Read More

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Read More