--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-8f968eea82
2022-02-10 01:30:40.649605
--------------------------------------------------------------------------------

Name        : phoronix-test-suite
Product     : Fedora 35
Version     : 10.8.1
Release     : 1.fc35
URL         : https://phoronix-test-suite.com/
Summary     : An Automated, Open-Source Testing Framework
Description :
The Phoronix Test Suite is the most comprehensive testing and benchmarking
platform available for the Linux operating system. This software is designed to
effectively carry out both qualitative and quantitative benchmarks in a clean,
reproducible, and easy-to-use manner. The Phoronix Test Suite consists of a
lightweight processing core (pts-core) with each benchmark consisting of an
XML-based profile with related resource scripts. The process from the benchmark
installation, to the actual benchmarking, to the parsing of important hardware
and software components is heavily automated and completely repeatable, asking
users only for confirmation of actions.

--------------------------------------------------------------------------------
Update Information:

Security fix for: - CVE-2022-0157 - CVE-2022-0196  - CVE-2022-0197 -
CVE-2022-0238
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb  1 2022 Michel Alexandre Salim  10.8.1-1
- Update to 10.8.1
* Fri Jan 21 2022 Fedora Release Engineering  10.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2039837 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2039837
  [ 2 ] Bug #2039838 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2039838
  [ 3 ] Bug #2043434 - CVE-2022-0196 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043434
  [ 4 ] Bug #2043435 - CVE-2022-0196 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043435
  [ 5 ] Bug #2043442 - CVE-2022-0197 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043442
  [ 6 ] Bug #2043443 - CVE-2022-0197 phoronix-test-suite:  phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2043443
  [ 7 ] Bug #2046238 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2046238
  [ 8 ] Bug #2046239 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=2046239
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-8f968eea82' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure