ecdsautils-0.4.1-1.fc35
Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous versions ecdsautils would erroneously accept all-zero signatures as valid.
More information can be found here: https://github.com/freifunk-gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw
slurm-20.11.9-1.el7
Update to 20.11.9 to fix CVE-2022-29500 and CVE-2022-29501.
slurm-20.11.9-1.el8
Update to 20.11.9 to fix CVE-2022-29500 and CVE-2022-29501.
supertux-0.6.3-4.fc36
Fix CVE-2022-30292
slurm-21.08.8-1.fc36
Update to 21.08.8 to fix CVE-2022-29500, CVE-2022-29501, and CVE-2022-29502.
slurm-21.08.8-1.fc34
Update to 21.08.8 to fix CVE-2022-29500, CVE-2022-29501, and CVE-2022-29502.
slurm-21.08.8-1.fc35
Update to 21.08.8 to fix CVE-2022-29500, CVE-2022-29501, and CVE-2022-29502.
It was discovered that jbig2dec incorrectly handled memory when parsing
invalid files. An attacker could use this issue to cause jbig2dec to crash,
leading to a denial of service. (CVE-2017-9216)
It was discovered that jbig2dec incorrectly handled memory when processing
untrusted input. An attacker could use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2020-12268)
slurm-21.08.8-1.fc37
Automatic update for slurm-21.08.8-1.fc37.
* Thu May 5 2022 Carl George <carl@george.computer> – 21.08.8-1
– Update to 21.08.8, resolves: rhbz#2082276
– Fix CVE-2022-29500, resolves: rhbz#2082286
– Fix CVE-2022-29501, resolves: rhbz#2082289
– Fix CVE-2022-29502, resolves: rhbz#2082293
Pieter Agten discovered that Rsyslog incorrectly handled certain requests.
An attacker could possibly use this issue to cause a crash.
