kernel-5.17.6-200.fc35
kernel-headers-5.17.6-200.fc35
kernel-tools-5.17.6-200.fc35
The 5.17.6 stable kernel updates contain a number of important fixes across the tree.
vim-8.2.4927-1.fc34
patchlevel 4927
Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619
vim-8.2.4927-1.fc35
patchlevel 4927
Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619
The WPGraphQL WordPress plugin before 0.3.5 doesn’t properly restrict access to information about other users’ roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site.
IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498.
vim-8.2.4927-1.fc36
patchlevel 4927
Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619
rsyslog-8.2204.0-1.fc37
Automatic update for rsyslog-8.2204.0-1.fc37.
* Mon May 9 2022 Attila Lakatos <alakatos@redhat.com> – 8.2204.0-1
– rebase to 8.2204.0
resolves: rhbz#1951970
– CVE-2022-24903 rsyslog: Heap-based overflow in TCP syslog server
resolves: rhbz#2082302
rsyslog-8.2204.0-1.fc36
Rebase to 8.2204.0
Add patch to resolve potential heap buffer overflow, details: https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8
rsyslog-8.2204.0-1.fc35
Rebase to 8.2204.0-1
Add patch resolving a potential heap buffer overflow, details: https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8
USN-5244-1 fixed a vulnerability in DBus. This update provides
the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
Daniel Onaca discovered that DBus contained a use-after-free vulnerability,
caused by the incorrect handling of usernames sharing the same UID. An
attacker could possibly use this issue to cause DBus to crash, resulting
in a denial of service.
