Category Archives: Advisories

java-1.8.0-openjdk-1.8.0.332.b09-1.fc36 java-11-openjdk-11.0.15.0.10-1.fc36 java-17-openjdk-17.0.3.0.7-1.fc36 java-latest-openjdk-18.0.1.0.10-1.rolling.fc36

Read Time:30 Second

FEDORA-2022-42c08d8bd8

Packages in this update:

java-11-openjdk-11.0.15.0.10-1.fc36
java-17-openjdk-17.0.3.0.7-1.fc36
java-1.8.0-openjdk-1.8.0.332.b09-1.fc36
java-latest-openjdk-18.0.1.0.10-1.rolling.fc36

Update description:

Oracle 04/2022 critical path update

https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA
Cross fingers I had not messed up system JDK.
java-maint have to run several tests to ensure viablity, thus auto karma will be turned off.
Still karma is highly appreciated

Read More

java-1.8.0-openjdk-1.8.0.332.b09-1.fc34 java-11-openjdk-11.0.15.0.10-1.fc34 java-17-openjdk-17.0.3.0.7-1.fc34 java-latest-openjdk-18.0.1.0.10-1.rolling.fc34

Read Time:30 Second

FEDORA-2022-9cc421562b

Packages in this update:

java-11-openjdk-11.0.15.0.10-1.fc34
java-17-openjdk-17.0.3.0.7-1.fc34
java-1.8.0-openjdk-1.8.0.332.b09-1.fc34
java-latest-openjdk-18.0.1.0.10-1.rolling.fc34

Update description:

Oracle 04/2022 critical path update

https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA
Cross fingers I had not messed up system JDK.
java-maint have to run several tests to ensure viablity, thus auto karma will be turned off.
Still karma is highly appreciated

Read More

USN-5397-1: curl vulnerabilities

Read Time:16 Second

Patrick Monnerat discovered that curl incorrectly handled certain OAUTH2.
An attacker could possibly use this issue to access sensitive information.
(CVE-2022-22576)

Harry Sintonen discovered that curl incorrectly handled certain requests.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)

Read More

USN-5396-1: Ghostscript vulnerability

Read Time:14 Second

It was discovered that Ghostscript incorrectly handled certain PostScript
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could possibly use this issue to
access arbitrary files, execute arbitrary code, or cause a denial of
service.

Read More

USN-5394-1: WebKitGTK vulnerabilities

Read Time:16 Second

A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

Read More