Posted by Kelvin Yip on Mar 14

Hi Team,

Here is the exploit information for CVE-2021-45040.

Below is summary of timeline for reference:

1. Contact developer (security contact: Freek) regarding the vulnerability at Mon 12/13/2021 11:42 AM (GMT+8)
2. Contact CERT.org at Mon 12/13/2021 10:36 PM
3. Submit CVE Request to Mitre at Mon 12/13/2021 11:30 PM
4. No response from vendor until now.
5. Possible solution had been documented by our research team:…

Read More

FEDORA-2022-0b216519ff

Packages in this update:

cabal-rpm-2.0.11-1.fc36

Update description:

take build-tool-depends into account (#65)
‘spec’,’update’: detect autorelease and preserve autochangelog (#66)
‘spec –standalone’: strip executable
support _builddir

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Tavis Ormandy discovered that the BN_mod_sqrt() function of OpenSSL
could be tricked into an infinite loop. This could result in denial of
service via malformed certificates.

Read More

FEDORA-2022-fc6b53e7a2

Packages in this update:

libcaca-0.99-0.59.beta20.fc35

Update description:

Clean up SPEC file.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).

Read More

FEDORA-2022-e3b9986722

Packages in this update:

libcaca-0.99-0.59.beta20.fc34

Update description:

Clean up SPEC file.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).

Read More

FEDORA-2022-3d291845d8

Packages in this update:

libcaca-0.99-0.59.beta20.fc36

Update description:

Clean up SPEC file.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).

Read More