kernel-5.18.11-200.fc36
The 5.18.11 stable kernel update contains a number of important fixes across the tree. In addition to the 5.18.11 stable patches, this build contains the retbleed patches scheduled for 5.18.12 kernels.
git-2.37.1-1.fc35
Update to 2.37.1 (CVE-2022-29187)
From the release notes for 2.30.5:
This release contains minor fix-ups for the changes that went into
Git 2.30.3 and 2.30.4, addressing CVE-2022-29187.
* The safety check that verifies a safe ownership of the Git
worktree is now extended to also cover the ownership of the Git
directory (and the `.git` file, if there is any).
Carlo Marcelo Arenas Belón (1):
setup: tighten ownership checks post CVE-2022-24765
Further details are available in the upstream advisory.
Additionally, from the release notes for 2.37.1:
* Rewrite of “git add -i” in C that appeared in Git 2.25 didn’t
correctly record a removed file to the index, which is an old
regression but has become widely known because the C version has
become the default in the latest release.
Last, but not least, are the usual bugfixes and improvements found since the 2.35 and 2.36 release. For details, refer to the release notes for 2.36.0 and 2.37.0.
git-2.37.1-1.fc36
Update to 2.37.1 (CVE-2022-29187)
From the release notes for 2.30.5:
This release contains minor fix-ups for the changes that went into
Git 2.30.3 and 2.30.4, addressing CVE-2022-29187.
* The safety check that verifies a safe ownership of the Git
worktree is now extended to also cover the ownership of the Git
directory (and the `.git` file, if there is any).
Carlo Marcelo Arenas Belón (1):
setup: tighten ownership checks post CVE-2022-24765
Further details are available in the upstream advisory.
Additionally, from the release notes for 2.37.1:
* Rewrite of “git add -i” in C that appeared in Git 2.25 didn’t
correctly record a removed file to the index, which is an old
regression but has become widely known because the C version has
become the default in the latest release.
Last, but not least, are the usual bugfixes and improvements found since the 2.36 release. For details, refer to the release notes for 2.37.0.
Multiple vulnerabilities have been discovered in Request Tracker, an
extensible trouble-ticket tracking system.
xen-4.16.1-6.fc36
Retbleed – arbitrary speculative code execution with return instructions
[XSA-407, CVE-2022-23816, CVE-2022-23825, CVE-2022-29900]
suricata-5.0.10-1.el8
This update fixes many bugs some of which are security relevant.
suricata-6.0.6-1.fc36
This update fixes many bugs some of which are security relevant.
suricata-6.0.6-1.fc35
This update fixes many bugs some of which are security relevant.
suricata-6.0.6-1.el9
This update fixes many bugs some of which are security relevant.
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.
