Fedora 35: phoronix-test-suite 2022-8f968eea82
Summary
The Phoronix Test Suite is the most comprehensive testing and benchmarking
platform available for the Linux operating system. This software is designed to
effectively carry out both qualitative and quantitative benchmarks in a clean,
reproducible, and easy-to-use manner. The Phoronix Test Suite consists of a
lightweight processing core (pts-core) with each benchmark consisting of an
XML-based profile with related resource scripts. The process from the benchmark
installation, to the actual benchmarking, to the parsing of important hardware
and software components is heavily automated and completely repeatable, asking
users only for confirmation of actions.
Security fix for: - CVE-2022-0157 - CVE-2022-0196 - CVE-2022-0197 -CVE-2022-0238
* Tue Feb 1 2022 Michel Alexandre Salim
- Update to 10.8.1
* Fri Jan 21 2022 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
[ 1 ] Bug #2039837 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2039837
[ 2 ] Bug #2039838 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2039838
[ 3 ] Bug #2043434 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2043434
[ 4 ] Bug #2043435 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2043435
[ 5 ] Bug #2043442 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2043442
[ 6 ] Bug #2043443 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2043443
[ 7 ] Bug #2046238 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2046238
[ 8 ] Bug #2046239 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2046239
su -c 'dnf upgrade --advisory FEDORA-2022-8f968eea82' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
FEDORA-2022-8f968eea82 2022-02-10 01:30:40.649605 Product : Fedora 35 Version : 10.8.1 Release : 1.fc35 URL : http://phoronix-test-suite.com/ Summary : An Automated, Open-Source Testing Framework Description : The Phoronix Test Suite is the most comprehensive testing and benchmarking platform available for the Linux operating system. This software is designed to effectively carry out both qualitative and quantitative benchmarks in a clean, reproducible, and easy-to-use manner. The Phoronix Test Suite consists of a lightweight processing core (pts-core) with each benchmark consisting of an XML-based profile with related resource scripts. The process from the benchmark installation, to the actual benchmarking, to the parsing of important hardware and software components is heavily automated and completely repeatable, asking users only for confirmation of actions. Security fix for: - CVE-2022-0157 - CVE-2022-0196 - CVE-2022-0197 -CVE-2022-0238 * Tue Feb 1 2022 Michel Alexandre Salim 10.8.1-1 - Update to 10.8.1 * Fri Jan 21 2022 Fedora Release Engineering 10.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild [ 1 ] Bug #2039837 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2039837 [ 2 ] Bug #2039838 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2039838 [ 3 ] Bug #2043434 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043434 [ 4 ] Bug #2043435 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043435 [ 5 ] Bug #2043442 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043442 [ 6 ] Bug #2043443 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043443 [ 7 ] Bug #2046238 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2046238 [ 8 ] Bug #2046239 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2046239 su -c 'dnf upgrade --advisory FEDORA-2022-8f968eea82' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Change Log
References