Quote:
If you can’t upgrade immediately, the most effective ways to reduce your risk are the following:

CVE-2022-29458
https://nvd.nist.gov/vuln/detail/CVE-2022-29458
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation
https://invisible-island.net/archive...20416.patch.gz

Freetype 2.12.0
src/cff/cffgload.c (cff_slot_load) [FT_CONFIG_OPTION_SVG]: Fix segfault.
Patch: https://gitweb.gentoo.org/repo/gento...ault_fix.patch

Even though this is not technically a security fix, it is worth mentioning that the new 5.15.35 kernel has a backported patch that improves performance for Alder Lake processors. There will probably be a kernel security upgrade in the future, so this is not that important, but still I thought I would post about it.
https://www.phoronix.com/scan.php?pa...1535-adl&num=1

CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

CVE-2022-0742
Linux Kernel up to 5.15.27/5.16.13/5.17-rc7 ICMPv6 Packet igmp6_event_query/igmp6_event_report resource consumption
https://vuldb.com/?id.195443

CVE-2022-29869
https://nvd.nist.gov/vuln/detail/CVE-2022-29869
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file
https://github.com/piastry/cifs-util...f5a03f83d9c379

CVE-2022-1616
https://nvd.nist.gov/vuln/detail/CVE-2022-1616
Use after free in append_command in GitHub repository vim/vim prior to 8.2.
patch 8.2.4895: buffer overflow with invalid command with composing chars
https://github.com/vim/vim/commit/d8...1c9f0cab68cc6c

CVE-2022-30775
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered

CVE-2022-1733
https://nvd.nist.gov/vuln/detail/CVE-2022-1733
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
https://github.com/vim/vim/commit/60...a61cacf220f813

CVE-2022-1769
https://nvd.nist.gov/vuln/detail/CVE-2022-1769
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
https://github.com/vim/vim/commit/47...bb1aad51f8d0b4

CVE-2022-30067
https://nvd.nist.gov/vuln/detail/CVE-2022-30067
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow.
Jacob Boerema @Wormnest · 2 weeks ago
https://gitlab.gnome.org/GNOME/gimp/...d38a99d71214b6

CVE-2022-1771
https://nvd.nist.gov/vuln/detail/CVE-2022-1771
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
https://github.com/vim/vim/commit/51...a59880d1ee37a8

icu4c 71.1
CVE-2022-1638 patch from Gentoo:
Fix int32 overflow in FormattedStringBuilder

CVE-2022-1785
https://nvd.nist.gov/vuln/detail/CVE-2022-1785
patch 8.2.4977: memory access error when substitute expression changes window
https://github.com/vim/vim/commit/e2...cba8b1dba18839

CVE-2019-16707
https://nvd.nist.gov/vuln/detail/CVE-2019-16707
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.
https://gitweb.gentoo.org/repo/gento...19-16707.patch