stable
FEDORA-EPEL-2022-30fd5a80a8 created by abo 2 weeks ago for Fedora EPEL 7

This release fixes the following Security Vulnerabilities:

  • CVE-2022-42898 PAC parse integer overflows
  • CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
  • CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
  • CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
  • CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
  • CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec

Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0 on the Common Vulnerability Scoring System (CVSS) v3.

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

This update has been submitted for testing by abo.

2 weeks ago

This update's test gating status has been changed to 'ignored'.

2 weeks ago

abo edited this update.

2 weeks ago

This update has been pushed to testing.

2 weeks ago

This update has been submitted for stable by bodhi.

a week ago

This update has been pushed to stable.

a week ago

Please login to add feedback.

Metadata
Type
security
Severity
urgent
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 weeks ago
in testing
2 weeks ago
in stable
a week ago
modified
2 weeks ago

Automated Test Results