golang-1.17.7-1.el7
FEDORA-EPEL-2022-f64d777807 Packages in this update: golang-1.17.7-1.el7 Update description: Update to 1.17.7, including fixes for CVE-2021-29923, CVE-2021-43565, CVE-2022-23806, CVE-2022-23772, and CVE-2022-23773 Read More
ForgeRock offers AI-based solution for identity-based cyberattacks
ForgeRock, a global identity and access management company, has introduced ForgeRock Autonomous Access, a new application that uses AI to prevent identity-based cyberattacks and fraud. ...
ICE Is a Domestic Surveillance Agency
Georgetown has a new report on the highly secretive bulk surveillance activities of ICE in the US: When you think about government surveillance in the...
Five Eyes Nations Issue New Supply Chain Security Advisory
The joint advisory is designed to enable transparent discussions between MSPs and their customers on securing sensitive data Read More
Stealthy Linux implant BPFdoor compromised organizations globally for years
Malware researchers warn about a stealthy backdoor program that has been used by a Chinese threat actor to compromise Linux servers at government and private...
USN-5411-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to...
curl-7.79.1-4.fc35
FEDORA-2022-3d8f00cde2 Packages in this update: curl-7.79.1-4.fc35 Update description: fix too eager reuse of TLS and SSH connections (CVE-2022-27782) fix credential leak on redirect (CVE-2022-27774) fix...
curl-7.76.1-16.fc34
FEDORA-2022-8277bef335 Packages in this update: curl-7.76.1-16.fc34 Update description: fix too eager reuse of TLS and SSH connections (CVE-2022-27782) fix credential leak on redirect (CVE-2022-27774) fix...
curl-7.82.0-5.fc36
FEDORA-2022-d15a736748 Packages in this update: curl-7.82.0-5.fc36 Update description: fix too eager reuse of TLS and SSH connections (CVE-2022-27782) do not accept cookies for TLD with...
USN-5412-1: curl vulnerabilities
Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong...