In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang 
in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability 
to cause a denial of service via a crafted lrz file.

Fix out-of-bounds memcpy in gnutls_realloc_zero()

Submitted By:            Douglas R. Reno <renodr at linuxfromscratch dot org>
Date:                    2022-05-26
Initial Package Version: 2.53.12
Origin:                  Self
Upstream Status:         Not Applied, but backport submitted
Description:             Fixes CVE-2022-1802 in Seamonkey, which is an actively
                         exploited remote code execution vulnerability in the
                         JavaScript subsystem. This has been rated by Critical as
                         upstream, and backports the fix for this bug in Firefox.
                         This has been submitted to upstream as TESTED.

XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop 
file on an attacker-controlled FTP server.

# diff -Naur vuln-5.15.47.kjh.txt vuln-5.15.48.kjh.txt

--- vuln-5.15.47.kjh.txt        2022-06-17 06:01:50.766998851 -0500
+++ vuln-5.15.48.kjh.txt        2022-06-17 06:21:59.038889758 -0500
@@ -1,11 +1,11 @@
-Fri Jun 17 06:01:50 CDT 2022
+Fri Jun 17 06:21:59 CDT 2022
 
-  Linux kjhlt7.kjh.home 5.15.47.kjh #1 SMP PREEMPT Tue Jun 14 13:55:59 CDT 2022 x86_64 11th Gen Intel(R) Core(TM) i9-11900K @ 3.50GHz GenuineIntel GNU/Linux
+  Linux kjhlt7.kjh.home 5.15.48.kjh #1 SMP PREEMPT Thu Jun 16 09:12:49 CDT 2022 x86_64 11th Gen Intel(R) Core(TM) i9-11900K @ 3.50GHz GenuineIntel GNU/Linux
 
   dmesg
     microcode: microcode updated early to revision 0x53, date = 2022-03-09
-    Linux version 5.15.47.kjh (root@kjhlt7.kjh.home) (gcc (GCC) 11.2.0, GNU ld version 2.37-slack15) #1 SMP PREEMPT Tue Jun 14 13:55:59 CDT 2022
-    Command line: BOOT_IMAGE=/boot/vmlinuz-generic-5.15.47.kjh root=UUID=6c71cd77-2463-408e-a992-ad6064b0651b ro nvidia-drm.modeset=1
+    Linux version 5.15.48.kjh (root@kjhlt7.kjh.home) (gcc (GCC) 11.2.0, GNU ld version 2.37-slack15) #1 SMP PREEMPT Thu Jun 16 09:12:49 CDT 2022
+    Command line: BOOT_IMAGE=/boot/vmlinuz-generic-5.15.48.kjh root=UUID=6c71cd77-2463-408e-a992-ad6064b0651b ro nvidia-drm.modeset=1
     DMI: Notebook X170KM-G/X170KM-G, BIOS 1.07.06LS1 01/11/2020
 
   cpuinfo
@@ -15,13 +15,14 @@
     UCode Pkg:  intel-microcode-20220510-noarch-1_SBo_kjh  ( updated May 18 13:20 )
     UCode File: /lib/firmware/intel-ucode/06-a7-01         ( updated May 18 13:19 )
     UCode Info: 001/001: sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424
-    CPU bugs:   spectre_v1, spectre_v2, spec_store_bypass, swapgs
+    CPU bugs:   spectre_v1, spectre_v2, spec_store_bypass, swapgs, mmio_stale_data
 
   vulnerability and mitigation files in /sys/devices/system/cpu/vulnerabilities/
     itlb_multihit:       Not affected
     l1tf:                Not affected
     mds:                 Not affected
     meltdown:            Not affected
+    mmio_stale_data:     Mitigation: Clear CPU buffers; SMT vulnerable
     spec_store_bypass:   Mitigation: Speculative Store Bypass disabled via prctl and seccomp
     spectre_v1:          Mitigation: usercopy/swapgs barriers and __user pointer sanitization

+--------------------------+
Wed Jan 26 04:37:35 UTC 2022
l/polkit-0.120-i586-2.txz: Rebuilt.
[PATCH] pkexec: local privilege escalation.
Thanks to Qualys Research Labs for reporting this issue.
For more information, see:
https://blog.qualys.com/vulnerabilit...-cve-2021-4034
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2021-4034
(* Security fix *)
+--------------------------+

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key 
information from a victim's keyring and other constraints (e.g., use of GPGME) are met, 
allows signature forgery via injection into the status line.