The ca-certificates package contained outdated CA certificates. This update
refreshes the included certificates to those contained in the 2.50 version
of the Mozilla certificate authority bundle.
Category Archives: Advisories
CVE-2017-20017
A vulnerability, which was classified as critical, has been found in The Next Generation of Genealogy Sitebuilding up to 11.1.0. This issue affects some unknown processing of the file /timeline2.php. The manipulation of the argument primaryID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.1.1 is able to address this issue. It is recommended to upgrade the affected component.
ntfs-3g-system-compression-1.0-9.fc35
FEDORA-2022-1176b501f0
Packages in this update:
ntfs-3g-system-compression-1.0-9.fc35
Update description:
Rebuild for ntfs-3g CVE
ntfs-3g-system-compression-1.0-9.fc36
FEDORA-2022-13bc8c91b0
Packages in this update:
ntfs-3g-system-compression-1.0-9.fc36
Update description:
Rebuild for ntfs-3g CVE
python-elasticsearch-7.17.4-1.el9
FEDORA-EPEL-2022-1fbc5ebf38
Packages in this update:
python-elasticsearch-7.17.4-1.el9
Update description:
Update to 7.17.4 (rhbz #2066385 + #2072294 and #2094515)
ntfs-3g-2022.5.17-1.fc35
FEDORA-2022-8fa7e5aeaf
Packages in this update:
ntfs-3g-2022.5.17-1.fc35
Update description:
New upstream version 2022.5.17
ntfs-3g-2022.5.17-1.fc36
FEDORA-2022-8f775872c9
Packages in this update:
ntfs-3g-2022.5.17-1.fc36
Update description:
New upstream version 2022.5.17
CVE-2019-25062
A vulnerability was found in Sricam IP CCTV Camera and classified as critical. This issue affects some unknown processing of the component Device Viewer. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2019-25063
A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected is an unknown function of the component Device Viewer. The manipulation leads to memory corruption. Local access is required to approach this attack.
php-8.1.7-1.fc36
FEDORA-2022-f3fc52428e
Packages in this update:
php-8.1.7-1.fc36
Update description:
PHP version 8.1.7 (09 Jun 2022)
CLI:
Fixed bug GH-8575 (CLI closes standard streams too early). (Levi Morrison)
Date:
Fixed bug php#51934 (strtotime plurals / incorrect time). (Derick)
Fixed bug php#51987 (Datetime fails to parse an ISO 8601 ordinal date (extended format)). (Derick)
Fixed bug php#66019 (DateTime object does not support short ISO 8601 time format – YYYY-MM-DDTHH) (cmb, Derick)
Fixed bug php#68549 (Timezones and offsets are not properly used when working with dates) (Derick, Roel Harbers)
Fixed bug php#81565 (date parsing fails when provided with timezones including seconds). (Derick)
Fixed bug GH-7758 (Problems with negative timestamps and fractions). (Derick, Ilija)
FPM:
Fixed ACL build check on MacOS. (David Carlier)
Fixed bug php#72185: php-fpm writes empty fcgi record causing nginx 502. (Jakub Zelenka, loveharmful)
mysqlnd:
Fixed bug php#81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626) (c dot fol at ambionics dot io)
OPcache:
Fixed bug GH-8461 (tracing JIT crash after function/method change). (Arnaud, Dmitry)
OpenSSL:
Fixed bug php#79589 (error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading). (Jakub Zelenka)
Pcntl:
Fixed Haiku build. (David Carlier)
pgsql
Fixed bug php#81720: Uninitialized array in pg_query_params(). (CVE-2022-31625) (cmb)
Soap:
Fixed bug GH-8578 (Error on wrong parameter on SoapHeader constructor). (robertnisipeanu)
Fixed bug GH-8538 (SoapClient may strip parts of nmtokens). (cmb)
SPL:
Fixed bug GH-8235 (iterator_count() may run indefinitely). (cmb)
Standard:
Fixed bug GH-8185 (Crash during unloading of extension after dl() in ZTS). (Arnaud)