-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-8f968eea82 2022-02-10 01:30:40.649605 --------------------------------------------------------------------------------
Name : phoronix-test-suite Product : Fedora 35 Version : 10.8.1 Release : 1.fc35 URL : http://phoronix-test-suite.com/ Summary : An Automated, Open-Source Testing Framework Description : The Phoronix Test Suite is the most comprehensive testing and benchmarking platform available for the Linux operating system. This software is designed to effectively carry out both qualitative and quantitative benchmarks in a clean, reproducible, and easy-to-use manner. The Phoronix Test Suite consists of a lightweight processing core (pts-core) with each benchmark consisting of an XML-based profile with related resource scripts. The process from the benchmark installation, to the actual benchmarking, to the parsing of important hardware and software components is heavily automated and completely repeatable, asking users only for confirmation of actions.
-------------------------------------------------------------------------------- Update Information:
Security fix for: - CVE-2022-0157 - CVE-2022-0196 - CVE-2022-0197 - CVE-2022-0238 -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 1 2022 Michel Alexandre Salim salimma@fedoraproject.org 10.8.1-1 - Update to 10.8.1 * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org 10.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2039837 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2039837 [ 2 ] Bug #2039838 - CVE-2022-0157 phoronix-test-suite: stored xss in group name [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2039838 [ 3 ] Bug #2043434 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043434 [ 4 ] Bug #2043435 - CVE-2022-0196 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043435 [ 5 ] Bug #2043442 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2043442 [ 6 ] Bug #2043443 - CVE-2022-0197 phoronix-test-suite: phoronix-test-suite vulnerable to Cross-Site Request Forgery (CSRF) [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2043443 [ 7 ] Bug #2046238 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2046238 [ 8 ] Bug #2046239 - CVE-2022-0238 phoronix-test-suite: CSRF in the phoromatic component [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2046239 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-8f968eea82' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------