Fedora 35: phoronix-test-suite 2022-8f968eea82 | LinuxSecurity.com
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-8f968eea82
2022-02-10 01:30:40.649605
--------------------------------------------------------------------------------

Name        : phoronix-test-suite
Product     : Fedora 35
Version     : 10.8.1
Release     : 1.fc35
URL         : https://phoronix-test-suite.com/
Summary     : An Automated, Open-Source Testing Framework
Description :
The Phoronix Test Suite is the most comprehensive testing and benchmarking
platform available for the Linux operating system. This software is designed to
effectively carry out both qualitative and quantitative benchmarks in a clean,
reproducible, and easy-to-use manner. The Phoronix Test Suite consists of a
lightweight processing core (pts-core) with each benchmark consisting of an
XML-based profile with related resource scripts. The process from the benchmark
installation, to the actual benchmarking, to the parsing of important hardware
and software components is heavily automated and completely repeatable, asking
users only for confirmation of actions.

--------------------------------------------------------------------------------
Update Information:

Security fix for: - CVE-2022-0157 - CVE-2022-0196  - CVE-2022-0197 -
CVE-2022-0238
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb  1 2022 Michel Alexandre Salim  10.8.1-1
- Update to 10.8.1
* Fri Jan 21 2022 Fedora Release Engineering  10.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2039837 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2039837
  [ 2 ] Bug #2039838 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2039838
  [ 3 ] Bug #2043434 - CVE-2022-0196 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043434
  [ 4 ] Bug #2043435 - CVE-2022-0196 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043435
  [ 5 ] Bug #2043442 - CVE-2022-0197 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043442
  [ 6 ] Bug #2043443 - CVE-2022-0197 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043443
  [ 7 ] Bug #2046238 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2046238
  [ 8 ] Bug #2046239 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2046239
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-8f968eea82' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 35: phoronix-test-suite 2022-8f968eea82

February 9, 2022
Security fix for: - CVE-2022-0157 - CVE-2022-0196 - CVE-2022-0197 - CVE-2022-0238

Summary

The Phoronix Test Suite is the most comprehensive testing and benchmarking

platform available for the Linux operating system. This software is designed to

effectively carry out both qualitative and quantitative benchmarks in a clean,

reproducible, and easy-to-use manner. The Phoronix Test Suite consists of a

lightweight processing core (pts-core) with each benchmark consisting of an

XML-based profile with related resource scripts. The process from the benchmark

installation, to the actual benchmarking, to the parsing of important hardware

and software components is heavily automated and completely repeatable, asking

users only for confirmation of actions.

Update Information:

Security fix for: - CVE-2022-0157 - CVE-2022-0196 - CVE-2022-0197 - CVE-2022-0238

Change Log

* Tue Feb 1 2022 Michel Alexandre Salim 10.8.1-1 - Update to 10.8.1 * Fri Jan 21 2022 Fedora Release Engineering 10.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

References

[ 1 ] Bug #2039837 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2039837 [ 2 ] Bug #2039838 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2039838 [ 3 ] Bug #2043434 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043434 [ 4 ] Bug #2043435 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043435 [ 5 ] Bug #2043442 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043442 [ 6 ] Bug #2043443 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043443 [ 7 ] Bug #2046238 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2046238 [ 8 ] Bug #2046239 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2046239

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-8f968eea82' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : phoronix-test-suite
Product : Fedora 35
Version : 10.8.1
Release : 1.fc35
URL : https://phoronix-test-suite.com/
Summary : An Automated, Open-Source Testing Framework

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.