A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to hijack web sessions and escalate privileges.
Category Archives: Advisories
CVE-2020-25154
An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to redirect users to malicious websites.
xen-4.16.1-1.fc36
FEDORA-2022-b50023a180
Packages in this update:
xen-4.16.1-1.fc36
Update description:
update to xen-4.16.1
strip .efi file to help EFI partitions with limited space
Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356]
race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]
podman-tui-0.2.1-1.fc35
FEDORA-2022-932d07be95
Packages in this update:
podman-tui-0.2.1-1.fc35
Update description:
Security fix for [CVE-2022-1227]
gzip-1.10-6.fc35
FEDORA-2022-6746dde2a0
Packages in this update:
gzip-1.10-6.fc35
Update description:
zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.
reproducer:
$ touch foo.gz
$ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
$ zgrep foo *.gz
(the unfixed version of zgrep creates the file called pwned)
gzip-1.11-3.fc36
FEDORA-2022-eeb6c686c7
Packages in this update:
gzip-1.11-3.fc36
Update description:
zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.
reproducer:
$ touch foo.gz
$ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
$ zgrep foo *.gz
(the unfixed version of zgrep creates the file called pwned)
gzip-1.10-5.fc34
FEDORA-2022-6b512ae9e5
Packages in this update:
gzip-1.10-5.fc34
Update description:
zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.
reproducer:
$ touch foo.gz
$ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')"
$ zgrep foo *.gz
(the unfixed version of zgrep creates the file called pwned)
dhcp-4.4.2-12.b1.fc34
FEDORA-2022-05918f0838
Packages in this update:
dhcp-4.4.2-12.b1.fc34
Update description:
Security fix for CVE-2021-25220
rsync-3.2.3-6.fc34
FEDORA-2022-dbd2935e44
Packages in this update:
rsync-3.2.3-6.fc34
Update description:
Security fix for CVE-2018-25032
rsync-3.2.3-15.fc36
FEDORA-2022-12b89e2aad
Packages in this update:
rsync-3.2.3-15.fc36
Update description:
Security fix for CVE-2018-25032