514 matches found
Fix of CVE: CVE-2022-0261, CVE-2022-0213
CVE-2022-0213: fix going over the end of status line buffer - CVE-2022-0261: fix block insert goes over the end of the line...
Fix of CVE: CVE-2021-27135
CVE-2021-27135: fix crash when processing combining characters...
Update of kernel-doc, kernel-abi-whitelists, kernel-firmware
...
Update of openssl-static, openssl-devel, openssl-perl, openssl, openssl, openssl-devel
...
Security fix for CVE-2019-10160
Security fix for CVE-2019-10160 Resolves: rhbz1716744...
sudo: Fix of CVE-2023-42465
Remove sudo-1.9.15-CVE-2023-42465.patch due to bug...
krb5: Fix of CVE-2022-42898
CVE-2022-42898: Fix integer overflows in PAC parsing - A test-suite was activated...
Fixed CVE-2022-3256 in vim
CVE-2022-3256: copy the mark before editing another buffer...
Fixed CVE-2022-28614 in httpd
CVE-2022-28614: fix out-of-bounds read via aprwrite, refactoring...
Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443
CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'...
Fix of CVE: CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-3984, CVE-2021-4069
CVE-2021-3974: fix using freed memory with regexp using a mark - CVE-2021-3984: fix illegal memory access when C-indenting - CVE-2021-3973: fix crash when using CTRL-W f without finding a file name - CVE-2021-4019: fix buffer overflow with long help argument - CVE-2021-4069: fix using freed...
Fix of CVE: CVE-2020-35452
CVE-2020-35452: fix stack overflow in modauthdigest due to crafted digest nonce...
Update of libcurl, libcurl-devel, libcurl-devel, curl, libcurl
...
Update of nginx-mod-http-image-filter, nginx-mod-http-geoip, nginx-mod-http-perl, nginx, nginx-filesystem, nginx-mod-stream, nginx-mod-http-xslt-filter, nginx-mod-mail, nginx-all-modules
...
quagga: Fix of 2 CVEs
CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero...
curl: Fix of CVE-2023-38546
CVE-2023-38546: cookie: remove unnecessary struct fields - Rebuild expired test certificates...
samba: Fix of CVE-2022-2127
CVE-2022-2127: Fix oud-of-bounds read triggered by maliciously request...
Fixed CVE-2022-2042 in vim
CVE-2022-2042: fix using uninitialized value and freed memory in spell command...
Fix of CVE: CVE-2021-44038
CVE-2021-44038: low privilege escalation during package installation/update due to insecure chmod in spec file...
Fix of CVE: CVE-2021-3928, CVE-2021-3927
CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions...
Fix of CVE: CVE-2021-3326, CVE-2021-43396
CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code...
Fix of CVE: CVE-2020-10543
CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun...
Fix of CVE: CVE-2020-24513, CVE-2020-24489, CVE-2020-24512, CVE-2020-24511
Do not use "grep -q" in a pipe in checkcaveats. - Update Intel CPU microcode to microcode-20210608 release: - Fixes in releasenote.md file. - Update Intel CPU microcode to microcode-20210525 release, addresses CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513 1962659, 1962709,...
Fix of CVE: CVE-2021-22924
fix connection reuse checks for issuer cert and case sensitivity CVE-2021-22924...
Fix of CVE: CVE-2020-8625
Fix buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation CVE-2020-8625...
Fix of CVE: CVE-2020-14058, CVE-2020-15049
CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack...
vim: Fix of CVE-2023-0433
CVE-2023-0433: check for not going over the end of the line...
libxml2: Fix of 2 CVEs
CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...
Fix of CVE: CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-4069, CVE-2021-3984
CVE-2021-3974: fix using freed memory with regexp using a mark - CVE-2021-3984: fix illegal memory access when C-indenting - CVE-2021-3973: fix crash when using CTRL-W f without finding a file name - CVE-2021-4019: fix buffer overflow with long help argument - CVE-2021-4069: fix using freed...
Fix of CVE: CVE-2021-25219
CVE-2021-25219: Fix resolver performance degradation via lame cache abuse...
squid34: Fix of CVE-2023-50269
CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS...
kernel: Fix of 10 CVEs
openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...
java-1.8.0-openjdk: Fix of 7 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs: - CVE-2023-21930: Improper connection handling during TLS handshake 8294474 - CVE-2023-21937: Missing string checks for NULL characters 8296622 - CVE-2023-21938: Incorrect handling of NULL characters in...
vim: Fix of CVE-2023-2609
CVE-2023-2609: check "yarray" is not NULL...
Update of microcode_ctl
Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode in microcode.dat at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode in microcode.dat at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode in microcode.dat at revision 0x2b000181; -...
vim: Fix of CVE-2023-1170
CVE-2023-1170: adjust the cursor column if needed...
vim: Fix of CVE-2023-1175
CVE-2023-1175: make sure "startspaces" is not negative...
vim: Fix of CVE-2022-4292
CVE-2022-4292: bail out if the window no longer exists...
expat: Fix of CVE-2022-43680
CVE-2022-43680: Fix overeager DTD destruction...
Fix of CVE: CVE-2021-28651
CVE-2021-28651: fix memory leak leading to denial of service...
Fix of CVE: CVE-2021-4192, CVE-2021-4193
CVE-2021-4192: fix using freed memory in /%V - CVE-2021-4193: fix going beyond the end of the line with /%V...
vim: Fix of 2 CVEs
CVE-2023-5441: segfault in exmode - CVE-2023-5344: buffer overflow in truncstring...
microcode_ctl: Fix of CVE-2022-40982
Update Intel CPU microcode to microcode-20230808 release addresses CVE-2022-40982: - Addition of 06-ba-02/0xe0 microcode in microcode.dat at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode in microcode.dat at revision 0x4119; - Addition of 06-ba-03/0xe0 microcode in microcode.dat at...
sqlite: Fix of CVE-2022-35737
CVE-2022-35737: fix a buffer overflow...
Fix of CVE: CVE-2021-27212
CVE-2021-27212: fix DoS via malicious packet...
Fix of CVE: CVE-2021-25219
CVE-2021-25219: Fix resolver performance degradation via lame cache abuse...
Fix of CVE: CVE-2021-22898
check sscanf for correct number of matches CVE-2021-22898...
Update of libcurl-devel, libcurl-devel, libcurl, curl, libcurl
...
Update of kernel-firmware, kernel-doc, kernel-abi-whitelists
...
haproxy: Fix of CVE-2023-45539
CVE-2023-45539: do not accept '' as part of the URI component...