It was discovered that networkd-dispatcher incorrectly handled internal
scripts. A local attacker could possibly use this issue to cause a race
condition, escalate privileges and execute arbitrary code.
(CVE-2022-29799, CVE-2022-29800)
Category Archives: Advisories
galera-26.4.11-1.fc35 mariadb-10.5.15-1.fc35
FEDORA-2022-03350936ee
Packages in this update:
galera-26.4.11-1.fc35
mariadb-10.5.15-1.fc35
Update description:
MariaDB 10.5.15
Release notes:
galera-26.4.11-1.fc36 mariadb-10.5.15-1.fc36
FEDORA-2022-263f7cc483
Packages in this update:
galera-26.4.11-1.fc36
mariadb-10.5.15-1.fc36
Update description:
MariaDB 10.5.15
Release notes:
mariadb-10.5.15-1.fc34
FEDORA-2022-5cfe372ab7
Packages in this update:
mariadb-10.5.15-1.fc34
Update description:
MariaDB 10.5.15
Release notes:
USN-5394-1: WebKitGTK vulnerabilities
A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
curl-7.82.0-3.fc36
FEDORA-2022-3517572083
Packages in this update:
curl-7.82.0-3.fc36
Update description:
fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
curl-7.79.1-2.fc35
FEDORA-2022-411f088574
Packages in this update:
curl-7.79.1-2.fc35
Update description:
fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
curl-7.76.1-14.fc34
FEDORA-2022-fc5776b142
Packages in this update:
curl-7.76.1-14.fc34
Update description:
fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
maven-shared-utils-3.2.1-0.9.fc34
FEDORA-2022-5d6aaab56e
Packages in this update:
maven-shared-utils-3.2.1-0.9.fc34
Update description:
Fixes an important security vulnerability – command injection via Commandline class
CVE-2021-33436
NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITYSYSTEM.