dotnet6.0-6.0.105-1.fc35
Update to .NET SDK 6.0.105 and Runtime 6.0.5
This is the May 2022 update for .NET 6. It includes fixes for multiple CVEs, including CVE-2022-29117, CVE-2022-29145 and CVE-2022-23267.
dotnet6.0-6.0.105-1.fc34
Update to .NET SDK 6.0.105 and Runtime 6.0.5
This is the May 2022 update for .NET 6. It includes fixes for multiple CVEs, including CVE-2022-29117, CVE-2022-29145 and CVE-2022-23267.
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task.
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task.
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task.
yubihsm-connector-3.0.2-2.el8
Rebuild for CVE-2022-24675 (#2084697)
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.
