** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.
Category Archives: Advisories
CVE-2021-22687
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.
python-pillow-9.0.1-6.fc36
FEDORA-2022-2e4c6ac063
Packages in this update:
python-pillow-9.0.1-6.fc36
Update description:
Fix incorrect mingw package name.
usbguard-1.1.0-1.fc36
FEDORA-2022-1f97de95ba
Packages in this update:
usbguard-1.1.0-1.fc36
Update description:
Security fix for CVE-2019-25058
usbguard-1.1.0-1.fc34
FEDORA-2022-668038c1da
Packages in this update:
usbguard-1.1.0-1.fc34
Update description:
Security fix for CVE-2019-25058
usbguard-1.1.0-1.fc35
FEDORA-2022-0b97f87195
Packages in this update:
usbguard-1.1.0-1.fc35
Update description:
Security fix for CVE-2019-25058
USN-5311-1: containerd vulnerability
It was discovered that containerd allows attackers to gain access to read-
only copies of arbitrary files and directories on the host via a specially-
crafted image configuration. An attacker could possibly use this issue to
obtain sensitive information.
usbguard-1.1.0-1.fc37
FEDORA-2022-1869fe2aec
Packages in this update:
usbguard-1.1.0-1.fc37
Update description:
Automatic update for usbguard-1.1.0-1.fc37.
Changelog
* Thu Mar 3 2022 Radovan Sroka <rsroka@redhat.com> – 1.1.0-1
– rebase to 1.1.0
Resolves: rhbz#2058450
– fixed CVE-2019-25058 usbguard: Fix unauthorized access via D-Bus
Resolves: rhbz#2058466
USN-5300-2: PHP vulnerabilities
USN-5300-1 fixed vulnerabilities in PHP. This update provides the
corresponding updates for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that PHP incorrectly handled certain scripts.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120)
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly obtain sensitive information. (CVE-2017-9119)
It was discovered that PHP incorrectly handled certain scripts with XML
parsing functions.
An attacker could possibly use this issue to obtain sensitive information.
(CVE-2021-21707)
USN-5312-1: HAProxy vulnerability
It was discovered that HAProxy incorrectly handled certain headers. A
remote attacker could possibly use this issue to cause HAProxy to stop
responding, resulting in a denial of service.