Virtual private network (VPN) provider PureVPN has introduced a quantum-resistant feature to its OpenVPN protocol to provide users with more security and privacy for the post-quantum world. The firm has partnered with Quantinuum to deploy quantum-resistant encryption keys that are generated via a verified quantum process using Quantinuum's Quantum Origin platform, PureVPN said. The news comes as the security sector prepares for threats posed by the post-quantum encryption era.
Daily Archives: April 26, 2022
USN-5389-1: Libcroco vulnerabilities
It was discovered that Libcroco was incorrectly accessing data structures when
reading bytes from memory, which could cause a heap buffer overflow. An attacker
could possibly use this issue to cause a denial of service. (CVE-2017-7960)
It was discovered that Libcroco was incorrectly handling invalid UTF-8 values
when processing CSS files. An attacker could possibly use this issue to cause
a denial of service. (CVE-2017-8834, CVE-2017-8871)
It was discovered that Libcroco was incorrectly implementing recursion in one
of its parsing functions, which could cause an infinite recursion loop and a
stack overflow due to stack consumption. An attacker could possibly use this
issue to cause a denial of service. (CVE-2020-12825)
USN-5390-1: Linux kernel vulnerabilities
David Bouman discovered that the netfilter subsystem in the Linux kernel
did not properly validate passed user register indices. A local attacker
could use this to cause a denial of service or possibly execute arbitrary
code. (CVE-2022-1015)
David Bouman discovered that the netfilter subsystem in the Linux kernel
did not initialize memory in some situations. A local attacker could use
this to expose sensitive information (kernel memory). (CVE-2022-1016)
It was discovered that the ST21NFCA NFC driver in the Linux kernel did not
properly validate the size of certain data in EVT_TRANSACTION events. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-26490)
Emotet tests new attack techniques: Sign of things to come?
Notorious threat group Emotet has been detected testing new and significantly different attack techniques, potentially in preparation for larger campaigns or selective and limited attacks, according to research from cybersecurity vendor Proofpoint. The firm stated the activity occurred while the prolific botnet and Trojan threat actor was on a period of hiatus and not conducting its typical high-volume campaigns.
New Emotet attack activity a departure from typical behaviors
Emotet targets Windows platforms to distribute follow-on malware and was considered one of the most prolific cybercriminal threats before its disruption by global law enforcement in January 2021. After a 10-month disappearance from the threat landscape, the group re-emerged in November 2021 and has since targeted thousands of users in multiple geographic regions. In some cases, the volume of malicious messages used in individual campaigns has reached over one million, Proofpoint stated. However, activity detected between April 4 and April 19, 2022, marks a significant departure from Emotet’s typical attack behaviors, and is attributed to threat actor TA542.
USN-5388-2: OpenJDK vulnerabilities
It was discovered that OpenJDK incorrectly verified ECDSA signatures. An
attacker could use this issue to bypass the signature verification process.
(CVE-2022-21449)
It was discovered that OpenJDK incorrectly limited memory when compiling a
specially crafted XPath expression. An attacker could possibly use this
issue to cause a denial of service. (CVE-2022-21426)
It was discovered that OpenJDK incorrectly handled converting certain
object arguments into their textual representations. An attacker could
possibly use this issue to cause a denial of service. (CVE-2022-21434)
It was discovered that OpenJDK incorrectly validated the encoded length of
certain object identifiers. An attacker could possibly use this issue to
cause a denial of service. (CVE-2022-21443)
It was discovered that OpenJDK incorrectly validated certain paths. An
attacker could possibly use this issue to bypass the secure validation
feature and expose sensitive information in XML files. (CVE-2022-21476)
It was discovered that OpenJDK incorrectly parsed certain URI strings. An
attacker could possibly use this issue to make applications accept
invalid or malformed URI strings. (CVE-2022-21496)
USN-5388-1: OpenJDK vulnerabilities
It was discovered that OpenJDK incorrectly limited memory when compiling a
specially crafted XPath expression. An attacker could possibly use this
issue to cause a denial of service. (CVE-2022-21426)
It was discovered that OpenJDK incorrectly handled converting certain
object arguments into their textual representations. An attacker could
possibly use this issue to cause a denial of service. (CVE-2022-21434)
It was discovered that OpenJDK incorrectly validated the encoded length of
certain object identifiers. An attacker could possibly use this issue to
cause a denial of service. (CVE-2022-21443)
It was discovered that OpenJDK incorrectly validated certain paths. An
attacker could possibly use this issue to bypass the secure validation
feature and expose sensitive information in XML files. (CVE-2022-21476)
It was discovered that OpenJDK incorrectly parsed certain URI strings. An
attacker could possibly use this issue to make applications accept
invalid or malformed URI strings. (CVE-2022-21496)
A vulnerability has been discovered in specific WSO2 products, which could allow for remote code execution. WSO2 is an open-source technology provider. It offers an enterprise platform for integrating application programming interfaces (API), applications, and web services locally and across the Internet. Successful exploitation of this vulnerability could allow for remote code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
recutils-1.9-1.fc36
FEDORA-2022-17787e290f
Packages in this update:
recutils-1.9-1.fc36
Update description:
New upstream release (#2075962, #2047809, #2047807, #2047805, #2046941)
Use %%gpgverify macro
Remove recutils-shared-lib-calls-exit.patch
Install rec-mode.el from a separate source
recutils-1.9-1.fc35
FEDORA-2022-4e6bd7ca62
Packages in this update:
recutils-1.9-1.fc35
Update description:
New upstream release (#2075962, #2047809, #2047807, #2047805, #2046941)
Use %%gpgverify macro
Remove recutils-shared-lib-calls-exit.patch
Install rec-mode.el from a separate source
USN-5376-3: Git regression
USN-5376-1 fixed vulnerabilities in Git, but some patches needed to properly fix
the issue were missing. This update fixes the problem.
Original advisory details:
俞晨东 discovered that Git incorrectly handled certain repository paths
on platforms with multi-user support. An attacker could possibly use
this issue to run arbitrary commands.