mod_auth_openidc-2.4.9.4-1.fc37
Automatic update for mod_auth_openidc-2.4.9.4-1.fc37.
* Thu Mar 31 2022 Tomas Halman <thalman@redhat.com> – 2.4.9.4-1
– Resolves: rhbz#2001647 – CVE-2021-39191 mod_auth_openidc: open redirect
by supplying a crafted URL in the target_link_uri
parameter
Danilo Ramos discovered that rsync incorrectly handled memory when
performing certain zlib deflating operations. An attacker could use this
issue to cause rsync to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL.
It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-1055)
It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-27666)
It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code.
buildah-1.23.3-1.fc34
Security fix for CVE-2022-27651
Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected device. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32.
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the devices.
This issue affects:
Wyze Cam Pan v2
versions prior to 4.49.1.47.
Wyze Cam v2
versions prior to 4.9.8.1002.
Wyze Cam v3
versions prior to 4.36.8.32.
buildah-1.23.3-2.fc35
Security fix for CVE-2022-27651
buildah-1.25.1-1.fc36
Security fix for CVE-2022-27651
Gating tests: include more package versions
Automatic update for buildah-1.24.2-1.fc36.
* Thu Feb 17 2022 Lokesh Mandvekar <lsm5@fedoraproject.org> 1.24.2-1
– bump to v1.24.2
* Fri Feb 4 2022 Lokesh Mandvekar <lsm5@fedoraproject.org> 1.24.1-1
– bump to v1.24.1
Automatic update for buildah-1.24.1-1.fc36.
* Fri Feb 4 2022 Lokesh Mandvekar <lsm5@fedoraproject.org> 1.24.1-1
– bump to v1.24.1
