Read Time:11 Second
FEDORA-2022-78b83f0e2c
Packages in this update:
pdns-4.6.1-1.fc34
Update description:
Update to 4.6.1
Release notes: https://doc.powerdns.com/recursor/changelog/4.6.html#change-4.6.2
Category Archives: Advisories
DSA-5118 thunderbird – security update
Read Time:6 Second
Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
DSA-5117 xen – security update
Read Time:6 Second
Multiple vulnerabilities have been discovered in the Xen hypervisor, which
could result in privilege escalation, denial of service or information leaks.
kernel-5.16.19-200.fc35
Read Time:9 Second
FEDORA-2022-91633399ff
Packages in this update:
kernel-5.16.19-200.fc35
Update description:
The 5.16.19 stable kernel update contains a number of important fixes across the tree.
kernel-5.16.19-100.fc34
Read Time:9 Second
FEDORA-2022-5cd9d787dc
Packages in this update:
kernel-5.16.19-100.fc34
Update description:
The 5.16.19 stable kernel update contains a number of important fixes across the tree.
grafana-7.5.15-1.fc34
Read Time:33 Second
FEDORA-2022-83405f9d5b
Packages in this update:
grafana-7.5.15-1.fc34
Update description:
update to 7.5.15 tagged upstream community sources, see CHANGELOG
resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
resolve CVE-2021-23648 sanitize-url: XSS
resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
declare Node.js dependencies of subpackages
make vendor and webpack tarballs reproducible
grafana-7.5.15-1.fc36
Read Time:33 Second
FEDORA-2022-c5383675d9
Packages in this update:
grafana-7.5.15-1.fc36
Update description:
update to 7.5.15 tagged upstream community sources, see CHANGELOG
resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
resolve CVE-2021-23648 sanitize-url: XSS
resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
declare Node.js dependencies of subpackages
make vendor and webpack tarballs reproducible
grafana-7.5.15-1.fc35
Read Time:33 Second
FEDORA-2022-9dd03cab55
Packages in this update:
grafana-7.5.15-1.fc35
Update description:
update to 7.5.15 tagged upstream community sources, see CHANGELOG
resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
resolve CVE-2021-23648 sanitize-url: XSS
resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
declare Node.js dependencies of subpackages
make vendor and webpack tarballs reproducible
kernel-5.17.2-300.fc36
Read Time:9 Second
FEDORA-2022-af492757d9
Packages in this update:
kernel-5.17.2-300.fc36
Update description:
The 5.17.2 stable kernel update contains a number of important fixes across the tree.
CVE-2020-4668
Read Time:18 Second
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186283.