514 matches found
Fixed CVEs in vim: CVE-2022-1785, CVE-2022-1796
CVE-2022-1785: fix out-of-bounds write by disallowing changing window in substitute expression - CVE-2022-1796: fix use after free by making a copy of a line...
Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21496
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler -...
Fixed CVE-2021-33582 in cyrus-imapd
CVE-2021-33582: Fix a bad string hashing algorithm which could lead to collisions and cause a CPU denial of service...
Fixed CVEs in vim: CVE-2022-1735, CVE-2022-1733
CVE-2022-1733: fix reading past end of the line when C-indenting - CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode...
Fixed CVEs in vim: CVE-2022-1620, CVE-2022-1616, CVE-2022-1629, CVE-2022-1621, CVE-2022-1619
CVE-2022-1619: fix going before the command line start with latin1 encoding - CVE-2022-1620: fix NULL pointer dereference when using invalig regexp - CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood - CVE-2022-1629: fix reading past end of line if ended with trailing backslash -...
Fixed CVE-2022-1271 in gzip
CVE-2022-1271: Fix arbitrary file override with crafted file names...
Fixed CVE-2018-25032 in rsync
CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches...
Fixed CVE-2018-25032 in zlib
CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches...
Fix of CVE: CVE-2021-0920, CVE-2022-0492, CVE-2020-0466, CVE-2021-4155
cgroup-v1: Require capabilities to set releaseagent ELSCVE-3555 CVE-2022-0492 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate ELSCVE-3891 CVE-2021-4155 - afunix: fix garbage collect vs MSGPEEK ELSCVE-3728 CVE-2021-0920 - epoll: Keep a reference on files added to the check...
Fix of CVE: CVE-2020-0466, CVE-2022-0492, CVE-2021-4155, CVE-2021-0920
cgroup-v1: Require capabilities to set releaseagent ELSCVE-3555 CVE-2022-0492 - xfs: map unwritten blocks in XFSIOCALLOC,FREESP just like fallocate ELSCVE-3891 CVE-2021-4155 - afunix: fix garbage collect vs MSGPEEK ELSCVE-3728 CVE-2021-0920 - epoll: Keep a reference on files added to the check...
Fix of CVE: CVE-2019-18276
CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID...
Fix of CVE: CVE-2019-18276
CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID...
Update of kernel, kernel-headers, kernel-debug-devel, kernel-debug, perf, python-perf, kernel-debug-devel, kernel-devel
KB-127: Bump version separete fw build...
Update of kernel-firmware, kernel-abi-whitelists, kernel-doc
KB-127: Bump version separete fw build...
Fix of 13 CVEs
CKSIX-267: USB: hso: Fix OOB memory access in hsoprobe/hsogetconfigdata - CKSIX-267: CVE-2019-14615: drm/i915/gen9: Clear residual context state on context switch - CKSIX-267: CVE-2020-8647, CVE-2020-8649: vgacon: Fix a UAF in vgaconinvertregion - CKSIX-267: CVE-2020-14331: vgacon: Fix for...
Update of els-define
Add OracleLinux support...
Fix of CVE: CVE-2021-27135
CVE-2021-27135: fix crash when processing combining characters...
Fix of CVE: CVE-2021-28651
CVE-2021-28651: fix memory leak leading to denial of service...
Update of php 5.3: Remove mariadb102 patch to eliminate faulty functionality
Remove mariadb102 patch to eliminate faulty functionality...
Update of php 5.3: Fix segfault during graceful Apache restart
ELS-42: Fix segfault during graceful Apache restart...
Fix of CVE: CVE-2022-28390, CVE-2021-3609
can: emsusb: emsusbstartxmit: fix double devkfreeskb in error path ELSCVE-3847 CVE-2022-28390 - can: bcm: delay release of struct bcmop after synchronizercu ELSCVE-1694 CVE-2021-3609...
Fix of CVE: CVE-2021-3609, CVE-2022-28390
can: emsusb: emsusbstartxmit: fix double devkfreeskb in error path ELSCVE-3847 CVE-2022-28390 - can: bcm: delay release of struct bcmop after synchronizercu ELSCVE-1694 CVE-2021-3609...
Fix of CVE: CVE-2022-28391
CVE-2022-28391: fix possible terminal injection attacks from DNS query results...
Update of microcode_ctl
Update Intel CPU microcode to microcode-20220207 release: - Fixes in releasenote.md file...
Fix of CVE: CVE-2022-1154
CVE-2022-1154: fix buffer usage after free...
Fix of CVE: CVE-2021-3618
CVE-2021-3618: drop the connection after reaching the specified number of invalid protocol commmands...
Fix of CVE: CVE-2021-25220
CVE-2021-25220: fix possible cache poisoning from forwarder responses...
Fix of CVE: CVE-2022-0547
CVE-2022-0547: Fix authentication bypass via multiple deferred authentication plug-ins...
Fix of CVE: CVE-2022-0943
CVE-2022-0943: fix heap-based buffer overflow...
Fix of CVE: CVE-2021-3999
CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...
Fix of CVE: CVE-2022-22721, CVE-2022-22720
CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory...
Fix of CVE: CVE-2021-3737
CVE-2021-3737: Fix HTTP client infinite line reading DoS after receiving a '100 Continue' HTTP response...
Fix of CVE: CVE-2022-0778
CVE-2022-0778: Fix possible infinite loop in BNmodsqrt...
Fix of CVE: CVE-2022-23308
CVE-2022-23308: fix use-after-free of ID and IDREF attributes...
Update of ca-certificates
remove old certificate - Removing: - Certificate "DST Root CA X3" - Update to CKBI 2.50 from NSS 3.67 - Update to CKBI 2.48 from NSS 3.66 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "GeoTrust Global CA" - Certificate "GeoTrust Universal...
Fix of CVE: CVE-2022-0554, CVE-2022-0729, CVE-2022-0685, CVE-2022-0572
CVE-2022-0554: fix ending up with no current buffer - CVE-2022-0572: fix crashing when repeatedly using :retab - CVE-2022-0685: fix crashing when using special multi-byte character - CVE-2022-0729: fix crashing with specific regexp pattern and string...
Fix of CVE: CVE-2022-0391
CVE-2022-0391: Add stripping ASCII newline and tabs from the url by urllib.parse...
Fix of CVE: CVE-2022-24407
CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands...
Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443
CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'...
Fix of CVE: CVE-2022-0351, CVE-2022-0368, CVE-2022-0359, CVE-2022-0361
CVE-2022-0351: fix crash caused by too depth recursion - CVE-2022-0359: fix illegal memory access with large tabstop in ex mode - CVE-2022-0361: fix illegal memory access when copying lines in visual mode - CVE-2022-0368: fix illegal memory access when undo makes visual area invalid...
Fix of CVE: CVE-2022-23307, CVE-2022-23302
CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer - CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink...
Fix of CVE: CVE-2022-23305
CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it...
Fix of CVE: CVE-2022-23218, CVE-2022-23219
CVE-2022-23218: fix possible buffer overflow in svcunixcreate - CVE-2022-23219: fix possible buffer overflow in clntcreate...
Fix of CVE: CVE-2022-0261, CVE-2022-0213
CVE-2022-0213: fix going over the end of status line buffer - CVE-2022-0261: fix block insert goes over the end of the line...
Fix of CVE: CVE-2021-4034
CVE-2021-4034: pkexec: argv overflow results in local privilege esc...
Fix of CVE: CVE-2021-44038
CVE-2021-44038: low privilege escalation during package installation/update due to insecure chmod in spec file...
Fix of CVE: CVE-2021-4104
CVE-2021-4104: Fix remote code execution vulnerability...
Fix of CVE: CVE-2021-4192, CVE-2021-4193
CVE-2021-4192: fix using freed memory in /%V - CVE-2021-4193: fix going beyond the end of the line with /%V...
Fix of CVE: CVE-2021-3800
CVE-2021-3800: Fix privilege escalation...
Fix of 14 CVEs
CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...