Fedora 35: redis 2022-44373f6778

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

**Redis 6.2.7** - Released Wed Apr 27 12:00:00 IDT 2022 Upgrade urgency: **SECURITY**, contains fixes to security issues. Security Fixes: * (CVE-2022-24736) An attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. This issue affects all versions of Redis. [reported by

Fedora 35: git 2022-3759ebabd2

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Update to 2.35.3 ([release notes](https://github.com/git/git/raw/v2.35.3/Documen tation/RelNotes/2.35.3.txt)) This release addresses [CVE-2022-24765](https://bugzilla.redhat.com/CVE-2022-24765). Per the release announcement: > On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in

Fedora 36: git 2022-e99ae504f5

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Update to 2.36.0 ([release notes](https://github.com/git/git/raw/v2.36.0/Documen tation/RelNotes/2.36.0.txt)) Among the changes, this release includes changes to address [CVE-2022-24765](https://bugzilla.redhat.com/CVE-2022-24765). Per the release announcement: > On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a

Fedora 36: cifs-utils 2022-eb2d3ca94d

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This is a security release to address the following bugs: - CVE-2022-27239: mount.cifs: fix length check for ip option parsing - CVE-2022-29869: mount.cifs: fix verbose messages on option parsing Description CVE-2022-27239: In cifs- utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.