It was discovered that the methods of an Array object could be corrupted
as a result of prototype pollution by sending a message to the parent
process. If a user were tricked into opening a specially crafted website,
an attacker could exploit this to execute JavaScript in a privileged
context.
It was discovered that Vim incorrectly handled parsing of filenames in its
search functionality. If a user were tricked into opening a specially crafted
file, an attacker could crash the application, leading to a denial of
service. (CVE-2021-3973)
It was discovered that Vim incorrectly handled memory when opening and
searching the contents of certain files. If a user were tricked into opening
a specially crafted file, an attacker could crash the application, leading to
a denial of service, or possibly achieve code execution with user privileges.
(CVE-2021-3974)
It was discovered that Vim incorrectly handled memory when opening and editing
certain files. If a user were tricked into opening a specially crafted file,
an attacker could crash the application, leading to a denial of service, or
possibly achieve code execution with user privileges. (CVE-2021-3984,
CVE-2021-4019, CVE-2021-4069)
It was discovered that Vim was using freed memory when dealing with regular
expressions inside a visual selection. If a user were tricked into opening a
specially crafted file, an attacker could crash the application, leading to a
denial of service, or possibly achieve code execution with user privileges.
(CVE-2021-4192)
It was discovered that Vim was incorrectly performing read and write
operations when in visual block mode, going beyond the end of a line and
causing a heap buffer overflow. If a user were tricked into opening a
specially crafted file, an attacker could crash the application, leading to a
denial of service, or possibly achieve code execution with user privileges.
(CVE-2022-0261, CVE-2022-0318)
It was discovered that Vim was using freed memory when dealing with regular
expressions through its old regular expression engine. If a user were tricked
into opening a specially crafted file, an attacker could crash the application,
leading to a denial of service, or possibly achieve code execution with user
privileges. (CVE-2022-1154)
It was discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possible execute
arbitrary code. (CVE-2017-12652)
Zhengxiong Luo discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possible execute
arbitrary code. (CVE-2018-14048)
firefox-100.0.2-1.fc36
Updated to latest upstream (100.0.2)
firefox-100.0.2-1.fc35
Updated to latest upstream (100.0.2)
firefox-100.0.2-1.fc34
Updated to latest upstream (100.0.2)
Fixed crashes on Wayland during recovery from sleep.
golang-github-opencontainers-runc-1.1.2-1.fc34
Update to 1.1.2. Fixes rhbz#2085287.
Mitigate CVE-2022-29162 / GHSA-f3fp-gc8g-vw66.
golang-github-opencontainers-runc-1.1.2-1.fc35
Update to 1.1.2. Fixes rhbz#2085287.
Mitigate CVE-2022-29162 / GHSA-f3fp-gc8g-vw66.
golang-github-opencontainers-runc-1.1.2-1.fc36
Update to 1.1.2. Fixes rhbz#2085287.
Mitigate CVE-2022-29162 / GHSA-f3fp-gc8g-vw66.
Several flaws have been discovered in HTCondor, a distributed workload
management system, which allow users with only READ access to any daemon to use
a different authentication method than the administrator has specified. If the
administrator has configured the READ or WRITE methods to include CLAIMTOBE,
then it is possible to impersonate another user and submit or remove jobs.
