Read Time:9 Second
It was discovered that SDL (Simple DirectMedia Layer) incorrectly handled
certain files. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
Category Archives: Advisories
USN-5397-1: curl vulnerabilities
Read Time:16 Second
Patrick Monnerat discovered that curl incorrectly handled certain OAUTH2.
An attacker could possibly use this issue to access sensitive information.
(CVE-2022-22576)
Harry Sintonen discovered that curl incorrectly handled certain requests.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)
USN-5396-1: Ghostscript vulnerability
Read Time:14 Second
It was discovered that Ghostscript incorrectly handled certain PostScript
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could possibly use this issue to
access arbitrary files, execute arbitrary code, or cause a denial of
service.
USN-5395-1: networkd-dispatcher vulnerabilities
Read Time:11 Second
It was discovered that networkd-dispatcher incorrectly handled internal
scripts. A local attacker could possibly use this issue to cause a race
condition, escalate privileges and execute arbitrary code.
(CVE-2022-29799, CVE-2022-29800)
galera-26.4.11-1.fc35 mariadb-10.5.15-1.fc35
Read Time:11 Second
FEDORA-2022-03350936ee
Packages in this update:
galera-26.4.11-1.fc35
mariadb-10.5.15-1.fc35
Update description:
MariaDB 10.5.15
Release notes:
galera-26.4.11-1.fc36 mariadb-10.5.15-1.fc36
Read Time:11 Second
FEDORA-2022-263f7cc483
Packages in this update:
galera-26.4.11-1.fc36
mariadb-10.5.15-1.fc36
Update description:
MariaDB 10.5.15
Release notes:
mariadb-10.5.15-1.fc34
Read Time:9 Second
FEDORA-2022-5cfe372ab7
Packages in this update:
mariadb-10.5.15-1.fc34
Update description:
MariaDB 10.5.15
Release notes:
USN-5394-1: WebKitGTK vulnerabilities
Read Time:16 Second
A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
curl-7.82.0-3.fc36
Read Time:16 Second
FEDORA-2022-3517572083
Packages in this update:
curl-7.82.0-3.fc36
Update description:
fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
curl-7.79.1-2.fc35
Read Time:16 Second
FEDORA-2022-411f088574
Packages in this update:
curl-7.79.1-2.fc35
Update description:
fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)