FEDORA-2022-dba9ba8e2b
Packages in this update:
heimdal-7.7.1-3.fc36
Update description:
Fixes:
Delay service starts until after network is online (rhbz#2005501)
Restart services on package update (will apply when updating from this release)
This release fixes the following Security Vulnerabilities:
CVE-2022-42898 PAC parse integer overflows
CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0 on the Common Vulnerability Scoring System (CVSS) v3.
More Stories
tpm2-tools-5.7-1.fc40 tpm2-tss-4.1.0-1.fc40
FEDORA-2024-0c9d3b51d4 Packages in this update: tpm2-tools-5.7-1.fc40 tpm2-tss-4.1.0-1.fc40 Update description: tpm2-tss: Fixed CVE-2024-29040 tpm2-tools: Fixed CVE-2024-29038 Fixed CVE-2024-29039 Read More
tpm2-tools-5.5.1-1.fc39 tpm2-tss-4.0.2-1.fc39
FEDORA-2024-4512dc54af Packages in this update: tpm2-tools-5.5.1-1.fc39 tpm2-tss-4.0.2-1.fc39 Update description: tpm2-tss: Fixed CVE-2024-29040 tpm2-tools: Fixed CVE-2024-29038 Fixed CVE-2024-29039 Read More
tpm2-tools-5.5.1-1.fc38 tpm2-tss-4.0.2-1.fc38
FEDORA-2024-3265d70b61 Packages in this update: tpm2-tools-5.5.1-1.fc38 tpm2-tss-4.0.2-1.fc38 Update description: tpm2-tss: Fixed CVE-2024-29040 tpm2-tools: Fixed CVE-2024-29038 Fixed CVE-2024-29039 Read More
webkit2gtk4.0-2.44.1-1.fc40
FEDORA-2024-a1246372a4 Packages in this update: webkit2gtk4.0-2.44.1-1.fc40 Update description: Update to 2.44.1 Read More
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040)
What is the vulnerability? A zero-day security vulnerability has been uncovered in an enterprise file-transfer software CrushFTP. The vulnerability tagged...
gdcm-3.0.23-5.fc39
FEDORA-2024-11821b16ac Packages in this update: gdcm-3.0.23-5.fc39 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...