Read Time:9 Second
FEDORA-2022-62ac7b3744
Packages in this update:
gnutls-3.7.2-3.fc35
Update description:
Security fix for https://www.gnutls.org/security-new.html#GNUTLS-SA-2022-01-17
Category Archives: Advisories
CVE-2019-25058
Read Time:10 Second
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.
CVE-2020-27467
Read Time:6 Second
A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.
USN-5292-4: snapd regression
Read Time:55 Second
USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced
a regression that could break the fish shell. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
James Troup discovered that snap did not properly manage the permissions for
the snap directories. A local attacker could possibly use this issue to expose
sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces
and layout paths. A local attacker could possibly use this issue to inject
arbitrary AppArmor policy rules, resulting in a bypass of intended access
restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the
location of the snap-confine binary. A local attacker could possibly use this
issue to execute other arbitrary binaries and escalate privileges.
(CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd
snap-confine binary when preparing a private mount namespace for a snap. A
local attacker could possibly use this issue to escalate privileges and
execute arbitrary code. (CVE-2021-44731)
flac-1.3.4-1.fc36
Read Time:6 Second
FEDORA-2022-ee96acc54f
Packages in this update:
flac-1.3.4-1.fc36
Update description:
Security fix for CVE-2021-0561
flac-1.3.4-1.fc35
Read Time:6 Second
FEDORA-2022-db30f1bd42
Packages in this update:
flac-1.3.4-1.fc35
Update description:
Security fix for CVE-2021-0561
vim-8.2.4460-1.fc34
Read Time:22 Second
FEDORA-2022-48bf3cb1c4
Packages in this update:
vim-8.2.4460-1.fc34
Update description:
Security fix for CVE-2022-0554
Security fixes for CVE-2022-0714, CVE-2022-0729
Security fix for CVE-2022-0696
Security fix for CVE-2022-0629
Security fix for CVE-2022-0572
Security fixes for CVE-2022-0408, CVE-2022-0413, CVE-2022-0393, CVE-2022-0417, CVE-2022-0443
Security fix for CVE-2022-0685
vim-8.2.4460-1.fc35
Read Time:9 Second
FEDORA-2022-63ca9a1129
Packages in this update:
vim-8.2.4460-1.fc35
Update description:
The newest upstream commit
Security fixes for CVE-2022-0714, CVE-2022-0729
vim-8.2.4460-1.fc36
Read Time:9 Second
FEDORA-2022-03cba3a31e
Packages in this update:
vim-8.2.4460-1.fc36
Update description:
The newest upstream commit
Security fixes for CVE-2022-0714, CVE-2022-0729
syncthing-1.18.6-3.el8
Read Time:15 Second
FEDORA-EPEL-2022-17ae719cb2
Packages in this update:
syncthing-1.18.6-3.el8
Update description:
This is a substantial update from 1.8.0 to 1.18.6. Notably this brings in the fix for CVE-2021-21404. The upstream version documentation says this update should be protocol compatible.