FEDORA-2023-2db4df65c3
Packages in this update:
vim-9.0.1293-1.fc37
Update description:
The newest upstream commit
Security fixes for CVE-2023-0433, CVE-2022-47024
vim-9.0.1293-1.fc37
The newest upstream commit
Security fixes for CVE-2023-0433, CVE-2022-47024
qt5-qtbase-5.15.8-5.fc36
Fix a possible DOS involving the Qt SQL ODBC driver plugin.
USN-5835-1 fixed vulnerabilities in Cinder. This update provides the
corresponding updates for Ubuntu 18.04 LTS. In addition, a regression was
fixed for Ubuntu 20.04 LTS.
Original advisory details:
Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou
discovered that Cinder incorrectly handled VMDK image processing. An
authenticated attacker could possibly supply a specially crafted VMDK flat
image and obtain arbitrary files from the server containing sensitive
information.
qt5-qtbase-5.15.8-5.fc37
qt6-qtbase-6.4.2-4.fc37
Fix a possible DOS involving the Qt SQL ODBC driver plugin.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.