Quote:
From looking at the latest kernel update release candidates, it appears the patches may have already been applied. https://www.linuxquestions.org/quest...ml#post6367105 |
Samba 4.16.4 fixes
Code:
o CVE-2022-2031: Samba AD users can bypass certain restrictions associated with |
xpdf
12 issues have been reported on 16th Aug. 2022
https://github.com/jhcloos/xpdf/issues
CVE: https://nvd.nist.gov/vuln/search/res...meSearch=false |
Vim
Code:
Use After Free in GitHub repository vim/vim prior to 9.0.0212
Code:
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0211
Code:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0210 |
Quote:
I note that Slackware 15.0 has xpdf-4.03. |
Libtiff (tiffcrop)
Affected version : 4.4.0
Severity : HIGH
Code:
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write.
Code:
libtiff's tiffcrop utility has an improper input validation flaw that can lead to out of bounds read
Code:
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the |
Vim
CVE-2022-2889
Code:
Use After Free in GitHub repository vim/vim prior to 9.0.0224 |
Quote:
# fix CVE-2022-2056 / CVE-2022-2057 / CVE-2022-2058
https://gitlab.com/libtiff/libtiff/-...81ab0fab.patch
# fix CVE-2022-34526
https://gitlab.com/libtiff/libtiff/-...f31d1990.patch |
Vim
CVE-2022-2946
Code:
Use After Free in GitHub repository vim/vim prior to 9.0.0245
CVE-2022-2923
Code:
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240 |
Binutils
CVE-2022-38533
Code:
In GNU Binutils before 2.4.0, there is a heap-buffer-overflow in the error function bfd_getl32 |
RPM
CVE-2021-35938
Code:
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials
CVE-2021-35937
Code:
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw
Note: Fixed in rpm-4.18, which is still in beta stage |
Sox
CVE-2021-33844
Code:
A vulnerability was found in SoX where a divide by zero bug exists in wav.c:967, function startread.
Code:
A vulnerability was found in SoX, where a divide by zero exists in voc.c:334, function read_samples.
Code:
A vulnerability was found in SoX, where a heap overflow was found in hcom.c:161, function startread.
Code:
A vulnerability was found in SoX, where a heap based overflow was found in formats_i.c:376, function lsx_read_w_buf.
Code:
# using a git snapshot as 14.4.2 has many unfixed security vulns
https://sourceforge.net/code-snapsho...addbe65f49.zip |
Vim
CVE-2022-3016
Code:
Use After Free in GitHub repository vim/vim prior to 9.0.0286 |
dnsmasq
CVE-2022-0934
Code:
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker |