Post Content
Category Archives: Advisories
DSA-5103 openssl – security update
Tavis Ormandy discovered that the BN_mod_sqrt() function of OpenSSL
could be tricked into an infinite loop. This could result in denial of
service via malformed certificates.
libcaca-0.99-0.59.beta20.fc35
FEDORA-2022-fc6b53e7a2
Packages in this update:
libcaca-0.99-0.59.beta20.fc35
Update description:
Clean up SPEC file.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).
libcaca-0.99-0.59.beta20.fc34
FEDORA-2022-e3b9986722
Packages in this update:
libcaca-0.99-0.59.beta20.fc34
Update description:
Clean up SPEC file.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).
libcaca-0.99-0.59.beta20.fc36
FEDORA-2022-3d291845d8
Packages in this update:
libcaca-0.99-0.59.beta20.fc36
Update description:
Clean up SPEC file.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).
libcaca-0.99-0.40.beta20.el7
FEDORA-EPEL-2022-03421505cb
Packages in this update:
libcaca-0.99-0.40.beta20.el7
Update description:
Clean up SPEC file.
Update to beta20.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).
libcaca-0.99-0.59.beta20.el8
FEDORA-EPEL-2022-42af0c4375
Packages in this update:
libcaca-0.99-0.59.beta20.el8
Update description:
Clean up SPEC file.
Update to beta20.
CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860).
CVE-2021-30498 (#1948677).
CVE-2021-30499 (#1948681).
CVE-2021-3410 (#1931971).
xen-4.15.2-2.fc35
FEDORA-2022-011c2a9ba8
Packages in this update:
xen-4.15.2-2.fc35
Update description:
Multiple speculative security issues [XSA-398]
Post Title
Multiple vulnerabilities have been discovered in Veeam Backup & Replication that could allow for remote code execution. Veeam Backup & Replication is a backup solutions for virtual environments. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of the application. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
USN-5325-1: Zsh vulnerabilities
Sam Foxman discovered that Zsh incorrectly handled certain inputs.
An attacker could possibly use this issue to regain dropped privileges.
(CVE-2019-20044)
It was discovered that Zsh incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-45444)