FEDORA-EPEL-2024-5253d48b14

Packages in this update:

w3m-0.5.3-63.git20230121.el7

Update description:

Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)

Read More

FEDORA-EPEL-2024-bf31852fe0

Packages in this update:

w3m-0.5.3-63.git20230121.el8

Update description:

Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)

Read More

FEDORA-EPEL-2024-0398ebbbfa

Packages in this update:

w3m-0.5.3-63.git20230121.el9

Update description:

Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)

Read More

FEDORA-2024-38c2261ca0

Packages in this update:

w3m-0.5.3-63.git20230121.fc38

Update description:

Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)

Read More

FEDORA-2024-aeb75f8b5b

Packages in this update:

w3m-0.5.3-63.git20230121.fc40

Update description:

Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)

Read More

FEDORA-2024-3fc66f8bf3

Packages in this update:

w3m-0.5.3-63.git20230121.fc39

Update description:

Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)

Read More

Reima Ishii discovered that the nested KVM implementation for Intel x86
processors in the Linux kernel did not properly validate control registers
in certain situations. An attacker in a guest VM could use this to cause a
denial of service (guest crash). (CVE-2023-30456)

It was discovered that the Quick Fair Queueing scheduler implementation in
the Linux kernel did not properly handle network packets in certain
conditions, leading to a use after free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4921)

It was discovered that a race condition existed in the SCSI Emulex
LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF
and re-scanning an HBA FCF table, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-24855)

Read More

FEDORA-2024-5f94556a31

Packages in this update:

libreoffice-24.2.1.2-5.fc40

Update description:

Patch for kf6/Qt6 scaling

Updated conditionals for kf* subpackages

24.2.1.2, include kf6.

Read More

Zhen Zhou discovered that Vim did not properly manage memory. An
attacker could possibly use this issue to cause a denial of service

Read More

FEDORA-2024-ed884c3203

Packages in this update:

postgresql-jdbc-42.7.3-1.fc40

Update description:

This rebase fixes CVE-2024-1597.

Read More