Read Time:7 Second
FEDORA-2022-efaa7e8775
Packages in this update:
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc34
Update description:
8u332 update
Category Archives: Advisories
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc35
Read Time:7 Second
FEDORA-2022-0a719e8ba4
Packages in this update:
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc35
Update description:
8u332 update
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc36
Read Time:7 Second
FEDORA-2022-eb9cc91549
Packages in this update:
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc36
Update description:
8u332 update
freetype-2.10.4-6.fc34
Read Time:9 Second
FEDORA-2022-5e45671294
Packages in this update:
freetype-2.10.4-6.fc34
Update description:
Security fix for CVE-2022-27404, CVE-2022-27405 and CVE-2022-27406.
freetype-2.11.0-6.fc35
Read Time:9 Second
FEDORA-2022-80e1724780
Packages in this update:
freetype-2.11.0-6.fc35
Update description:
Security fix for CVE-2022-27404, CVE-2022-27405 and CVE-2022-27406.
USN-5402-1: OpenSSL vulnerabilities
Read Time:48 Second
Elison Niven discovered that OpenSSL incorrectly handled the c_rehash
script. A local attacker could possibly use this issue to execute arbitrary
commands when c_rehash is run. (CVE-2022-1292)
Raul Metsma discovered that OpenSSL incorrectly verified certain response
signing certificates. A remote attacker could possibly use this issue to
spoof certain response signing certificates. This issue only affected
Ubuntu 22.04 LTS. (CVE-2022-1343)
Tom Colley discovered that OpenSSL used the incorrect MAC key in the
RC4-MD5 ciphersuite. In non-default configurations were RC4-MD5 is enabled,
a remote attacker could possibly use this issue to modify encrypted
communications. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1434)
Aliaksei Levin discovered that OpenSSL incorrectly handled resources when
decoding certificates and keys. A remote attacker could possibly use this
issue to cause OpenSSL to consume resources, leading to a denial of
service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473)
USN-5400-2: MySQL vulnerabilities
Read Time:31 Second
USN-5400-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated in Ubuntu 16.04 ESM to MySQL 5.7.38.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html
https://www.oracle.com/security-alerts/cpuapr2022.html
USN-5401-1: DPDK vulnerabilities
Read Time:20 Second
Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An
attacker could use this issue to cause DPDK to crash, resulting in a denial
of service, or possibly execute arbitrary code. (CVE-2021-3839)
It was discovered that DPDK incorrectly handled inflight type messages. An
attacker could possibly use this issue to cause DPDK to consume resources,
leading to a denial of service. (CVE-2022-0669)
java-latest-openjdk-18.0.1.0.10-1.rolling.el7
Read Time:11 Second
FEDORA-EPEL-2022-ec554055b2
Packages in this update:
java-latest-openjdk-18.0.1.0.10-1.rolling.el7
Update description:
Oracle 04/2022 critical path update
https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA
mingw-SDL2_ttf-2.0.18-2.fc34
Read Time:7 Second
FEDORA-2022-857d1f7050
Packages in this update:
mingw-SDL2_ttf-2.0.18-2.fc34
Update description:
Security fix for CVE-2022-27470