August 2023 - java-sig-commits - Fedora Mailing-Lists

[Bug 2236342] New: CVE-2023-26049 log4j: jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2236342 Bug ID: 2236342 Summary: CVE-2023-26049 log4j: jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies [fedora-all] Product: Fedora Version: 38 Status: NEW Component: log4j Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: paul.wouters(a)aiven.io Reporter: pdelbell(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: devrim(a)gunduz.org, italo.garcia+fedora(a)aiven.io, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, paul.wouters(a)aiven.io, rj.layco(a)gmail.com, rominf(a)aiven.io Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2236341 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2236342 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

1 hour, 40 minutes

1
3
0 / 0

[Bug 2234963] New: CVE-2020-21687 nasm: stack-based buffer overflow in stdscan() in stdscan.c [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234963 Bug ID: 2234963 Summary: CVE-2020-21687 nasm: stack-based buffer overflow in stdscan() in stdscan.c [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234950 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234963 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234962] New: CVE-2020-21686 nasm: stack-use-after-scope in expand_mmac_params() in preproc.c [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234962 Bug ID: 2234962 Summary: CVE-2020-21686 nasm: stack-use-after-scope in expand_mmac_params() in preproc.c [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234946 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234962 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234961] New: CVE-2020-21685 nasm: buffer overflow in hash_findi() in hashtbl.c [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234961 Bug ID: 2234961 Summary: CVE-2020-21685 nasm: buffer overflow in hash_findi() in hashtbl.c [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234944 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234961 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234960] New: CVE-2023-38668 nasm: stack-based buffer overflow in disasm() [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234960 Bug ID: 2234960 Summary: CVE-2023-38668 nasm: stack-based buffer overflow in disasm() [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234922 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234960 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234959] New: CVE-2023-38667 nasm: stack-based buffer overflow in disasm() [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234959 Bug ID: 2234959 Summary: CVE-2023-38667 nasm: stack-based buffer overflow in disasm() [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234920 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234959 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234958] New: CVE-2023-38665 nasm: NULL pointer dereference in ieee_write_file() [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234958 Bug ID: 2234958 Summary: CVE-2023-38665 nasm: NULL pointer dereference in ieee_write_file() [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234917 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234958 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234957] New: CVE-2020-21528 nasm: segmentation fault in ieee_segment() in outieee.c [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234957 Bug ID: 2234957 Summary: CVE-2020-21528 nasm: segmentation fault in ieee_segment() in outieee.c [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234914 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234957 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234956] New: CVE-2020-18780 nasm: use-after-free in new_Token() in asm/preproc.c [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234956 Bug ID: 2234956 Summary: CVE-2020-18780 nasm: use-after-free in new_Token() in asm/preproc.c [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234910 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234956 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

[Bug 2234954] New: CVE-2022-29654 nasm: heap-based buffer overflow in quote_for_pmake() in asm/nasm.c [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2234954 Bug ID: 2234954 Summary: CVE-2022-29654 nasm: heap-based buffer overflow in quote_for_pmake() in asm/nasm.c [fedora-all] Product: Fedora Version: 38 Status: NEW Component: nasm Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: dominik(a)greysector.net Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dominik(a)greysector.net, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, pbonzini(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2234903 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2234954 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

2 days, 20 hours

1
3
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits August 2023