Read Time:6 Second
FEDORA-2022-99d17387ea
Packages in this update:
osbuild-composer-57-1.fc35
Update description:
Update osbuild-composer to the latest version
Category Archives: Advisories
golang-1.18.4-1.fc36
Read Time:18 Second
FEDORA-2022-f6d84fa837
Packages in this update:
golang-1.18.4-1.fc36
Update description:
go1.18.4 includes security fixes to the compress/gzip, encoding/gob, encoding/xml, go/parser, io/fs, net/http, and path/filepath packages, as well as bug fixes to the compiler, the go command, the linker, the runtime, and the runtime/metrics package.
xorg-x11-server-Xwayland-21.1.4-2.fc35
Read Time:10 Second
FEDORA-2022-8e787b2a5c
Packages in this update:
xorg-x11-server-Xwayland-21.1.4-2.fc35
Update description:
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
xorg-x11-server-Xwayland-22.1.3-1.fc36
Read Time:10 Second
FEDORA-2022-856bb475b7
Packages in this update:
xorg-x11-server-Xwayland-22.1.3-1.fc36
Update description:
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
xorg-x11-server-1.20.14-7.fc35
Read Time:10 Second
FEDORA-2022-573714ca6b
Packages in this update:
xorg-x11-server-1.20.14-7.fc35
Update description:
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
xorg-x11-server-1.20.14-7.fc36
Read Time:10 Second
FEDORA-2022-6807c29d58
Packages in this update:
xorg-x11-server-1.20.14-7.fc36
Update description:
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070
CVE-2019-10800
Read Time:8 Second
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method.
grafana-9.0.2-2.fc37
Read Time:15 Second
FEDORA-2022-8f60426b65
Packages in this update:
grafana-9.0.2-2.fc37
Update description:
Automatic update for grafana-9.0.2-2.fc37.
Changelog
* Wed Jul 13 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-2
– use systemd-sysusers to create the Grafana user and group
CVE-2019-10761
Read Time:19 Second
This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the “sandboxed” context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code running the script allowing it to spawn a child_process and execute arbitrary code.
USN-5256-1: uriparser vulnerabilities
Read Time:8 Second
It was discovered that uriparser incorrectly handled certain memory operations.
An attacker could use this to cause a denial of service.
(CVE-2021-46141, CVE-2021-46142)