FEDORA-2023-748f1d5710
Packages in this update:
freeimage-3.19.0-0.16.svn1889.fc37
mingw-freeimage-3.19.0-0.14.svn1889.fc37
Update description:
Backport proposed fix for CVE-2021-33367.
freeimage-3.19.0-0.16.svn1889.fc37
mingw-freeimage-3.19.0-0.14.svn1889.fc37
Backport proposed fix for CVE-2021-33367.
freeimage-3.19.0-0.16.svn1889.fc38
mingw-freeimage-3.19.0-0.14.svn1889.fc38
Backport proposed fix for CVE-2021-33367.
Fix FTBFS.
Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation
vulnerability in apport-cli when viewing crash reports and unprivileged
users are allowed to run sudo less. A local attacker on a specially
configured system could use this to escalate their privilege.
It was discovered that Flask-CORS did not properly escape paths before
evaluating resource rules. An attacker could possibly use this to
expose sensitive information.
suricata-6.0.11-1.fc38
Various security, performance, accuracy, and stability issues have been fixed.
suricata-6.0.11-1.fc36
Various security, performance, accuracy, and stability issues have been fixed.
suricata-6.0.11-1.el9
Various security, performance, accuracy, and stability issues have been fixed.
suricata-6.0.11-1.fc37
Various security, performance, accuracy, and stability issues have been fixed.
suricata-6.0.11-1.el8
Various security, performance, accuracy, and stability issues have been fixed.
Hadrien Perrineau discovered that Ghostscript incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial of
service, or possibly execute arbitrary code.