https://bugzilla.redhat.com/show_bug.cgi?id=2173706
Bug ID: 2173706
Summary: CVE-2021-438450 CVE-2021-438451 CVE-2022-217221
CVE-2022-247541 CVE-2022-247542 CVE-2022-247631
CVE-2022-247633 CVE-2022-247641 CVE-2022-247644
CVE-2022-247931 CVE-2022-247935 asterisk: pjsip:
Multiple Vulnerabilities [fedora-all]
Product: Fedora
Version: 37
Status: NEW
Component: asterisk
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jsmith.fedora(a)gmail.com
Reporter: psampaio(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: bennie.joubert(a)jsdaav.com,
epel-packagers-sig(a)lists.fedoraproject.org,
jsmith.fedora(a)gmail.com, rbryant(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2173705
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2173706
https://bugzilla.redhat.com/show_bug.cgi?id=2173701
Bug ID: 2173701
Summary: CVE-2021-41141 CVE-2021-43845 CVE-2022-24754
CVE-2022-24763 CVE-2022-24786 CVE-2022-24792
CVE-2022-24793 asterisk: pjsip: Multiple
vulnerabilities [fedora-all]
Product: Fedora
Version: 37
Status: NEW
Component: asterisk
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jsmith.fedora(a)gmail.com
Reporter: psampaio(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: bennie.joubert(a)jsdaav.com,
epel-packagers-sig(a)lists.fedoraproject.org,
jsmith.fedora(a)gmail.com, rbryant(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2173699
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2173701
https://bugzilla.redhat.com/show_bug.cgi?id=2173204
Bug ID: 2173204
Summary: [abrt] gnome-calendar: g_type_check_instance_cast():
gnome-calendar killed by SIGSEGV
Product: Fedora
Version: 37
Hardware: x86_64
Status: NEW
Whiteboard: abrt_hash:097a7df52881ab113babff5506fdfdc0bb63e8d1;VAR
IANT_ID=workstation;
Component: gnome-calendar
Assignee: gnome-sig(a)lists.fedoraproject.org
Reporter: mohamed.b.baig(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
gnome-sig(a)lists.fedoraproject.org,
igor.raits(a)gmail.com, klember(a)redhat.com
Target Milestone: ---
Classification: Fedora
Description of problem:
Clicked to future day from the left nav then clicked back on today's date
Version-Release number of selected component:
gnome-calendar-43.1-3.fc37
Additional info:
reporter: libreport-2.17.4
backtrace_rating: 4
cgroup:
0::/user.slice/user-1000.slice/user@1000.service/app.slice/dbus-:1.2-org.gnome.Calendar@0.service
cmdline: /usr/bin/gnome-calendar --gapplication-service
crash_function: g_type_check_instance_cast
executable: /usr/bin/gnome-calendar
journald_cursor:
s=829bd94ca3fa4b64af263b98ea52b01f;i=da28c;b=5b2b156c38514bbe8228dc075ef7c8fa;m=2747c93f6;t=5f575d1e7b057;x=8f8db0b61ac96f1c
kernel: 6.1.13-200.fc37.x86_64
rootdir: /
runlevel: N 5
type: CCpp
uid: 1000
Truncated backtrace:
Thread no. 1 (7 frames)
#0 g_type_check_instance_cast at ../gobject/gtype.c:4122
#1 gcal_agenda_view_remove_event at ../src/gui/views/gcal-agenda-view.c:586
#2 remove_event_from_subscriber at ../src/core/gcal-timeline.c:228
#3 timeline_source_dispatch at ../src/core/gcal-timeline.c:717
#6 g_main_context_iterate.constprop.0 at ../glib/gmain.c:4238
#7 g_main_context_iteration at ../glib/gmain.c:4303
#8 g_application_run at ../gio/gapplication.c:2571
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2173204
https://bugzilla.redhat.com/show_bug.cgi?id=2170263
Bug ID: 2170263
Summary: CVE-2023-23934 python-werkzeug: cookie prefixed with =
can shadow unprefixed cookie [fedora-all]
Product: Fedora
Version: 37
Status: NEW
Component: python-werkzeug
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: fzatlouk(a)redhat.com
Reporter: askrabec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: aurelien(a)bompard.org, danielmyoung(a)gmail.com,
epel-packagers-sig(a)lists.fedoraproject.org,
fzatlouk(a)redhat.com, karlthered(a)gmail.com,
python-packagers-sig(a)lists.fedoraproject.org,
tdawson(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2170243
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2170263
https://bugzilla.redhat.com/show_bug.cgi?id=2170259
Bug ID: 2170259
Summary: CVE-2023-25577 python-werkzeug: high resource usage
when parsing multipart form data with many fields
[fedora-all]
Product: Fedora
Version: 37
Status: NEW
Component: python-werkzeug
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: fzatlouk(a)redhat.com
Reporter: askrabec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: aurelien(a)bompard.org, danielmyoung(a)gmail.com,
epel-packagers-sig(a)lists.fedoraproject.org,
fzatlouk(a)redhat.com, karlthered(a)gmail.com,
python-packagers-sig(a)lists.fedoraproject.org,
tdawson(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2170242
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2170259
https://bugzilla.redhat.com/show_bug.cgi?id=2163254
Bug ID: 2163254
Summary: CVE-2022-41717 golang-x-tools: golang: net/http: An
attacker can cause excessive memory growth in a Go
server accepting HTTP/2 requests [fedora-all]
Product: Fedora
Version: 37
Status: NEW
Component: golang-x-tools
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: zebob.m(a)gmail.com
Reporter: ahanwate(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2161274
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2163254