Mageia 2022-0228: apache security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions. (CVE-2022-26377)

Mageia 2022-0223: vim security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

out-of-bounds read in gchar_cursor() in misc1.c (CVE-2022-1851) use-after-free in find_pattern_in_path() in search.c (CVE-2022-1898) out-of-bounds write in vim_regsub_both() in regexp.c (CVE-2022-1897) buffer over-read in utf_ptr2char() in mbyte.c (CVE-2022-1927 ) out of bounds write in vim_regsub_both() (CVE-2022-1942)

Mageia 2022-0221: thunderbird security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name