Category Archives: Advisories

et-6.2.1-2.fc36

FEDORA-2022-e3a794b591

Packages in this update:

et-6.2.1-2.fc36

Update description:

Several security and stability improvements

chafa-1.10.3-1.fc37

FEDORA-2022-a6b383aab1

Packages in this update:

chafa-1.10.3-1.fc37

Update description:

Automatic update for chafa-1.10.3-1.fc37.

Changelog

* Fri May 6 2022 Miro Hrončok <mhroncok@redhat.com> - 1.10.3-1
- Update to 1.10.3
- Fixes: rhbz#1809122
- Contains security fix for CVE-2022-1507
- Fixes: rhbz#2080294
- Provide bundled libnsgif and lodepng

CVE-2021-23592

The package topthink/framework before 6.0.12 is vulnerable to Deserialization of Untrusted Data due to an insecure unserialize method in the Driver class.

CVE-2021-23792

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 is vulnerable to XML External Entity (XXE) Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file (e.g. when an online profile picture is processed) with a malicious XMP segment. If the XMP metadata of the uploaded image is parsed, then the XXE vulnerability is triggered.
