Quote:
Code:
struct archive_write_filter *f; Always best to check your return values, but this really doesn't look CVE worthy. |
Pipewire 0.3.62
[PATCH] audioconvert: fix distorted audio on AVX2 https://gitlab.freedesktop.org/pipew...d17a4ad6.patch |
SQLite
CVE-2022-46908 Code:
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly |
Xorg & Xwayland
Code:
X.Org Server 21.1.5 was released overnight for a new batch of security vulnerabilities: |
SDL 1.2
CVE-2021-33657 Code:
There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. Code:
Always create a full 256-entry map in case color values are out of range |
Dolphin
Revert "portalize drag urls" Code:
This reverts commit 8d7e600f. |
Quote:
Quote:
|
Pipewire 0.3.63
Issue: Pipewire or wireplumber not remember last routing https://gitlab.freedesktop.org/pipew.../-/issues/2893 Patch: alsa: don´t set -1 as node.target Code:
Leave the target unset when -1, just like what pw-stream does. Issue: No HSP/HFP profiles detected on a specific bluetooth device, after a recent update https://gitlab.freedesktop.org/pipew.../-/issues/2898 Patch: bluez5: backend-native: fix missing brace in CIND reply Code:
It should look like ...,("battchg,(0-5)) not ...,"battchg",(0-5)) |
KScreen
Issue: Code:
Crash after reverting display settings Patch: Fix kcm crash after revert timer reaches timeout Code:
load() was called twice and cause use-after-free. |
Vim
CVE-2023-0049 Code:
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. CVE-2023-0051 Code:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. |
Quote:
The second one is described in the CVE as a "Heap-based Buffer Overflow" but looking at the commit is another (similar) pedestrian out of bounds read, and also is not a security issue. It's hard to know what to do with things like this. Guess that's what happens when you pay CVE bounties and people fuzz the heck out of something looking for the low hanging fruit. |
Quote:
The best thing to do, then, is to leave the Vim CVEs aside, and let you upgrade from time to time |
php 7.4.33
CVE-2022-31631 Others seem to have applied this patch on 7.x because there will be no other release https://gitweb.gentoo.org/repo/gento...6fc8531576f32e Patch: Fix #81740: PDO::quote() may return unquoted string https://github.com/php/php-src/commi...3f46ae3d8bacba |
libX11 1.8.3
Revert "Update XPutBackEvent() to support clients that put back unpadded events" Code:
This reverts commit d6d6cba9. |
KIO 5.101.0
Bug: Code:
Filter field in save dialog after kio 5.101 is empty Patch: Code:
Restore old behavior for KFileFilterCombo::setFilter |
All times are GMT -5. The time now is 10:27 PM. |