The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.
Category Archives: Advisories
USN-5376-2: Git vulnerability
USN-5376-1 fixed vulnerabilities in Git. This update provides the corresponding
updates for Ubuntu 22.04 LTS.
Original advisory details:
俞晨东 discovered that Git incorrectly handled certain repository paths
in platforms with multiple users support. An attacker could possibly use
this issue to run arbitrary commands.
freerdp-2.7.0-1.fc34
FEDORA-2022-b0a47f8060
Packages in this update:
freerdp-2.7.0-1.fc34
Update description:
Update to 2.7.0.
Security fixes for CVE-2022-24882, CVE-2022-24883.
freerdp-2.7.0-1.fc35
FEDORA-2022-a3e03a200b
Packages in this update:
freerdp-2.7.0-1.fc35
Update description:
Update to 2.7.0.
Security fixes for CVE-2022-24882, CVE-2022-24883.
freerdp-2.7.0-1.fc36
FEDORA-2022-dc48a89918
Packages in this update:
freerdp-2.7.0-1.fc36
Update description:
Update to 2.7.0.
Security fixes for CVE-2022-24882, CVE-2022-24883.
CVE-2019-25059
Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.
chromium-100.0.4896.127-1.fc34
FEDORA-2022-17aa1c62da
Packages in this update:
chromium-100.0.4896.127-1.fc34
Update description:
100 Chromium releases! Of course, at the rate they release now, we’ll probably be at 150 before the end of the year. Anyway, here’s the update.
Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364
chromium-100.0.4896.127-1.fc35
FEDORA-2022-0f14e2308e
Packages in this update:
chromium-100.0.4896.127-1.fc35
Update description:
100 Chromium releases! Of course, at the rate they release now, we’ll probably be at 150 before the end of the year. Anyway, here’s the update.
Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364
chromium-100.0.4896.127-1.fc36
FEDORA-2022-59297c8fcd
Packages in this update:
chromium-100.0.4896.127-1.fc36
Update description:
100 Chromium releases! Of course, at the rate they release now, we’ll probably be at 150 before the end of the year. Anyway, here’s the update.
Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364
DSA-5124 ffmpeg – security update
Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.