Category Archives: Advisories

seamonkey-2.53.13-1.fc35

Read Time:21 Second

FEDORA-2022-90618703d0

Packages in this update:

seamonkey-2.53.13-1.fc35

Update description:

Update to 2.53.13

Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use other Linux distro, but that distro does not provide SeaMonkey yet, you can recommend it for them.

Read More

seamonkey-2.53.13-1.fc36

Read Time:21 Second

FEDORA-2022-37db345496

Packages in this update:

seamonkey-2.53.13-1.fc36

Update description:

Update to 2.53.13

Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use other Linux distro, but that distro does not provide SeaMonkey yet, you can recommend it for them.

Read More

USN-5507-1: Vim vulnerabilities

Read Time:20 Second

It was discovered that Vim incorrectly handled memory access. An attacker
could potentially use this issue to cause the program to crash, use unexpected
values, or execute arbitrary code. (CVE-2022-1968)

It was discovered that Vim incorrectly handled memory access. An attacker
could potentially use this issue to cause the corruption of sensitive
information, a crash, or arbitrary code execution.
(CVE-2022-1897, CVE-2022-1942)

Read More

USN-5479-3: PHP regression

Read Time:34 Second

USN-5479-1 fixed vulnerabilities in PHP. Unfortunately that update for
CVE-2022-31625 was incomplete for Ubuntu 18.04 LTS. This update fixes
the problem.

We apologize for the inconvenience.

Original advisory details:

Charles Fol discovered that PHP incorrectly handled initializing certain
arrays when handling the pg_query_params function. A remote attacker could
use this issue to cause PHP to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-31625)

Charles Fol discovered that PHP incorrectly handled passwords in mysqlnd. A
remote attacker could use this issue to cause PHP to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2022-31626)

Read More