FEDORA-2022-531e531922
Packages in this update:
xen-4.16.0-4.fc36
Update description:
Multiple speculative security issues [XSA-398]
xen-4.16.0-4.fc36
Multiple speculative security issues [XSA-398]
libass-0.15.2-1.fc34
New version
Security fix for CVE-2020-36430
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal.
Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can create or edit content (even without access to CKEditor themselves) may be able to exploit one or more Cross-Site Scripting (XSS) vulnerabilities to target users with access to the WYSIWYG CKEditor, including site admins with privileged access.
For more information, see CKEditor’s security advisories:
CVE-2022-24728: HTML processing vulnerability allowing to execute JavaScript code
CVE-2022-24729: Regular expression Denial of Service in dialog plugin
This advisory is not covered by Drupal Steward.
Install the latest version:
If you are using Drupal 9.3, update to Drupal 9.3.8.
If you are using Drupal 9.2, update to Drupal 9.2.15.
All versions of Drupal 9 prior to 9.2.x are end-of-life and do not receive security coverage. Note that Drupal 8 has reached its end of life.
Drupal 7 core is not affected, although Drupal 7, 8, and 9 site owners should review their site following the protocol for managing external libraries and plugins previously suggested by the Drupal Security Team, as contributed projects may use additional CKEditor plugins not packaged in Drupal core.
Users of the Webform module should ensure Webform’s version of CKEditor 4 is also up-to-date after updating Drupal core and libraries for any affected contributed modules. If it is not, Webform users can try the following steps to update it:
If using Composer, run drush webform:libraries:composer > DRUPAL_ROOT/composer.libraries.json and run composer update
If using Drush without Composer, run drush webform:libraries:update.
A flaw was found in OpenEXR’s Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service.
A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service.
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-193149550
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.