FEDORA-2022-53e0f427dd
Packages in this update:
pack-0.27.0-1.fc36
Update description:
auto bump to v0.27.0
pack-0.27.0-1.fc36
auto bump to v0.27.0
yubihsm-connector-3.0.3-3.fc36
New upstream release (#2100541)
It was discovered that SpiderMonkey JavaScript Library incorrectly
generated certain assembly code. An remote attacker could
possibly use this issue to cause a crash or expose sensitive
information. (CVE-2022-28285)
It was discovered that SpiderMonkey JavaScript Library incorrectly
generated certain assembly code. An remote attacker could
possibly use this issue to cause a crash. (CVE-2022-31740)
httpd-2.4.54-3.fc36
new version 2.4.54
various security fixes
httpd-2.4.54-1.fc35
new version 2.4.54
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA SDK for Java. Authentication is not required to exploit this vulnerability.
It was discovered that the 8 Devices USB2CAN interface implementation in
the Linux kernel did not properly handle certain error conditions, leading
to a double-free. A local attacker could possibly use this to cause a
denial of service (system crash).
Multiple security issues were discovered in the Squid proxy caching
server:
Multiple vulnerabilities were discovered in Node.js, which could result in
HTTP request smuggling, a bypass of certificate verification or prototype
pollution.
mingw-wavpack-5.4.0-5.fc35
Security fix for CVE-2021-44269