CLSA-2022-1660064249 Fix CVE(s): CVE-2022-21434, CVE-2022-21426, CVE-2022-21443, CVE-2022-34169, CVE-2022-21540, CVE-2022-21541, CVE-2022-21476, CVE-2022-21496

Backport upstream releases 8u342 and 8u332 to 16.04 LTS Security fixes in 8u342: - JDK-8272243: Improve DER parsing - JDK-8272249: Better properties of loaded Properties - JDK-8277608: Address IP Addressing - JDK-8281859, CVE-2022-21540: Improve class compilation - JDK-8281866, CVE-2022-21541:...

parse-url 代码问题漏洞

parse-url is an advanced url parser with git url support from the individual developer Ionică Bizău. A code issue vulnerability exists in parse-url versions prior to 7.0.0, which stems from improper handling of usernames and passwords, undetected hostnames, and can be exploited by an attacker to...

Fedora 29 : php-tcpdf (2018-ab7b7d0caf)

Version 6.2.25 - Fix support for image URLs. ---- Version 6.2.24 - Support remote urls when checking if file exists. ---- Version 6.2.23 - Simplify fileexists function. ---- Version 6.2.20 - Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization o...

[SECURITY] Fedora 20 Update: curl-7.32.0-17.fc20

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

Fedora 21 : nodejs-0.10.32-1.fc21 / v8-3.14.5.10-14.fc21 (2014-11132)

This update provides the latest stable version of Node.js and corresponding backports to the v8 package. This update resolves CVE-2013-6668, which has only a minor impact since Node.js is not typically used to execute untrusted JavaScript. For more information on the fixed vulnerability, please s...