Read Time:4 Second
Assuming the identity of a domain, threat actors could then execute arbitrary commands
Monthly Archives: June 2022
3mux-1.1.0-5.fc36 act-1.6.0-6.fc36 aerc-0.10.0-3.fc36 age-1.0.0-5.fc36 apache-cloudstack-cloudmonkey-6.2.0-3.fc36 aquatone-1.7.0-7.fc36 aron-0-0.6.20200626git7eade58.fc36 asnip-0-0.6.20200618git44ba98b.fc36 assetfinder-0.1.0-6.fc36 bettercap-2.32.0-4.fc36 cadvisor-0.44.1-2.fc36 chisel-1.7.7-3.fc36 clash-1.8.0-4.fc36 commit-stream-0.1.2-7.fc36 containerd-1.6.6-3.fc36 direnv-2.28.0-5.fc36 dnscrypt-proxy-2.1.1-4.fc36 dnsx-1.1.0-3.fc36 douceur-0.2.0-14.fc36 duf-0.8.1-3.fc36 ffuf-1.0.2-6.fc36 fzf-0.30.0-3.fc36 geoipupdate-4.9.0-2.fc36 gh-2.12.1-3.fc36 git-time-metric-1.3.5-15.fc36 glide-0.13.2-10.fc36 goaltdns-0-0.7.20200627git2b3e8a3.fc36 gobuster-3.1.0-3.fc36 godoctor-0.6-12.fc36 godotenv-1.4.0-4.fc36 gojq-0.12.8-3.fc36 golang-bug-serial-1-1.3.5-3.fc36 golang-contrib-opencensus-resource-0.1.2-7.fc36 golang-etcd-bbolt-1.3.6-4.fc36 golang-gioui-0-8.20201225git18d4dbf.fc36 golang-github-a8m-tree-0-0.16.20210725gitce3525c.fc36 golang-github-acme-lego-4.4.0-6.fc36 golang-github-ajstarks-deck-0-0.12.20210114git30c9fc6.fc36 golang-github-akavel-rsrc-0.10.2-4.fc36 golang-github-alecthomas-chroma-0.10.0-3.fc36 golang-github-aliyun-ossutil-1.7.9-3.fc36 golang-github-andybalholm-cascadia-1.2.0-6.fc36 golang-github-apache-beam-2-2.33.0~RC1-7.fc36 golang-github-appc-docker2aci-0.17.2-9.fc36 golang-github-appc-goaci-0.1.1-12.fc36 golang-github-appc-spec-0.8.11-14.fc36 golang-github-aryann-difflib-0-0.5.20200822gite206f87.fc36 golang-github-aws-lambda-1.26.0-4.fc36 golang-github-axgle-mahonia-0-0.13.20181112git3358181.fc36 golang-github-bifurcation-mint-0-0.9.20200724git93c820e.fc36 golang-github-bobesa-domain-util-0-0.6.20200504git4033b5f.fc36 golang-github-burntsushi-toml-1.0.0-5.fc36 golang-github-burntsushi-toml-test-0.2.0-11.20210108git9767d20.fc36 golang-github-burntsushi-xgb-0-0.15.20210108git5f9e7b3.fc36 golang-github-c-bata-prompt-0.2.6-4.fc36 golang-github-cactus-statsd-client-5.0.0-5.fc36 golang-github-cespare-xxhash-2.1.2-3.fc36 golang-github-chai2010-gettext-1.0.2-6.fc36 golang-github-chris-ramon-douceur-0.2.0-5.20200910gitf346305.fc36 golang-github-christrenkamp-goxpath-0-0.6.20200627gitc5096ec.fc36 golang-github-cilium-ebpf-0.8.0-2.fc36 golang-github-client9-plaintext-0-0.8.20190703git5bf47e7.fc36 golang-github-cloudflare-0.21.0-3.fc36 golang-github-cloudflare-redoctober-0-0.11.20210114git99c99a8.fc36 golang-github-cockroachdb-pebble-0-0.8.20210108git48f5530.fc36 golang-github-colinmarc-hdfs-2-2.2.0-4.fc36 golang-github-containerd-continuity-0.2.2-3.fc36 golang-github-containerd-fuse-overlayfs-snapshotter-1.0.2-7.fc36 golang-github-containerd-stargz-snapshotter-0.10.1-2.fc36 golang-github-containernetworking-cni-1.1.1-4.fc36 golang-github-coredns-corefile-migration-1.0.11-6.fc36 golang-github-cpu-goacmedns-0.1.1-5.fc36 golang-github-cpuguy83-md2man-2.0.2-2.fc36 golang-github-crossdock-0-0.8.20190628git049aabb.fc36 golang-github-cucumber-godog-0.12.1-4.fc36 golang-github-dave-jennifer-1.4.1-5.fc36 golang-github-deepmap-oapi-codegen-1.8.2-3.fc36 golang-github-dgrijalva-jwt-3.2.0-11.fc36 golang-github-dreamacro-shadowsocks2-0.1.7-6.fc36 golang-github-dustinkirkland-petname-0-0.6.20200605git8e5a1ed.fc36 golang-github-eknkc-amber-0-0.17.20190601gitcdade1c.fc36 golang-github-elazarl-bindata-assetfs-1.0.1-9.fc36 golang-github-emersion-smtp-0.15.0-4.fc36 golang-github-envoyproxy-protoc-gen-validate-0.4.1-6.fc36 golang-github-etcd-io-gofail-0-0.3.20210808gitad7f989.fc36 golang-github-evanphx-json-patch-5.5.0-3.fc36 golang-github-evanw-esbuild-0.14.38-2.fc36 golang-github-fernet-0-0.9.20200726giteff2850.fc36 golang-github-francoispqt-gojay-1.2.13-7.fc36 golang-github-fvbommel-util-0.0.3-5.fc36 golang-github-gdamore-tcell-1.4.0-5.fc36 golang-github-gdamore-tcell-2-2.5.0-2.fc36 golang-github-geertjohan-rice-1.0.2-5.fc36 golang-github-gobuffalo-here-0.6.2-5.fc36 golang-github-gobwas-ws-1.1.0-3.fc36 golang-github-gocolly-colly-2-2.1.0-4.20210920git2f09941.fc36 golang-github-gogo-googleapis-1.4.1-4.fc36 golang-github-gohugoio-localescompressed-1.0.1-2.fc36 golang-github-gohugoio-testmodbuilder-0-0.10.20201030git72e1e0c.fc36 golang-github-golangci-lint-1-0-0.5.20200828gitd2cdd8c.fc36 golang-github-google-jsonnet-0.17.0-5.fc36 golang-github-google-martian-3.1.0-9.fc36 golang-github-google-pprof-0-16.20210802gitc50bf4f.fc36 golang-github-google-slothfs-0-0.11.20200727git59c1163.fc36 golang-github-google-wire-0.5.0-3.fc36 golang-github-googleapis-gnostic-0.5.3-6.fc36 golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-6.fc36 golang-github-gorhill-cronexpr-1.0.0-4.fc36 golang-github-grpc-ecosystem-gateway-2-2.7.3-4.fc36 golang-github-gucumber-0-0.23.20190703git7d5c79e.fc36 golang-github-haproxytech-client-native-2.5.3-3.fc36 golang-github-haproxytech-dataplaneapi-2.4.4-4.fc36 golang-github-hashicorp-consul-migrate-0.1.0-9.20190602git678fb10.fc36 golang-github-hashicorp-hclog-0.15.0-5.fc36 golang-github-hashicorp-memdb-1.3.0-5.fc36 golang-github-hashicorp-serf-0.9.5-5.fc36 golang-github-hashicorp-sockaddr-1.0.2-11.fc36 golang-github-hpcloud-tail-1.0.0-10.20190325gita1dbeea.fc36 golang-github-insomniacslk-termhook-0-6.20210406gita267c97.fc36 golang-github-instrumenta-kubeval-0.15.0-8.fc36 golang-github-intel-goresctrl-0.2.0-5.fc36 golang-github-j-keck-arping-1.0.2-3.fc36 golang-github-jmespath-0.4.0-5.fc36 golang-github-jsonnet-bundler-0.4.0-8.fc36 golang-github-jwt-3.2.2-3.fc36 golang-github-kr-text-0.2.0-5.fc36 golang-github-krishicks-yaml-patch-0.0.10-8.20200307git05b3177.fc36 golang-github-kyokomi-emoji-2.2.8-5.fc36 golang-github-ledisdb-0.6-5.20210112gitd35789e.fc36 golang-github-leonelquinteros-gotext-1.5.0-2.fc36 golang-github-leveldb-0-0.9.20190701git259d925.fc36 golang-github-liamg-tml-0.6.0-2.fc36 golang-github-magefile-mage-1.11.0-5.fc36 golang-github-mailru-easyjson-0.7.6-5.fc36 golang-github-markbates-pkger-0.17.1-5.fc36 golang-github-martinhoefling-goxkcdpwgen-0.1.0-2.fc36 golang-github-mattn-colorable-0.1.8-5.fc36 golang-github-mdlayher-dhcp6-0-0.8.20200429git2a67805.fc36 golang-github-mgutz-ansi-0-0.13.20200729gitd51e80e.fc36 golang-github-mholt-archiver-3.5.1-3.fc36 golang-github-microcosm-cc-bluemonday-1.0.17-3.fc36 golang-github-mmarkdown-mmark-2.2.10-5.fc36 golang-github-mock-1.6.0-3.fc36 golang-github-morikuni-aec-1.0.0-5.fc36 golang-github-mrunalp-fileutils-0.5.0-5.fc36 golang-github-multiformats-multibase-0.0.3-2.20220213gitf067816.fc36 golang-github-multiformats-multihash-0.1.0-2.fc36 golang-github-mvo5-uboot-0.4-10.fc36 golang-github-nats-io-nkeys-0.2.0-5.fc36 golang-github-nats-io-streaming-server-0.20.0-5.fc36 golang-github-nbutton23-zxcvbn-0.1-8.20210110gite56b841.fc36 golang-github-nicksnyder-i18n-2-2.1.2-5.fc36 golang-github-nxadm-tail-1.4.6-7.fc36 golang-github-oklog-0.3.2-10.20190701gitca7cdf5.fc36 golang-github-oklog-ulid-2.0.2-10.fc36 golang-github-olekukonko-tablewriter-0.0.5-3.fc36 golang-github-oneofone-xxhash-1.2.8-5.fc36 golang-github-onsi-ginkgo-2-2.1.4-2.fc36 golang-github-pact-foundation-1.5.1-6.fc36 golang-github-pdfcpu-0.3.13-2.fc36 golang-github-pelletier-toml-1.9.4-2.fc36 golang-github-pelletier-toml-2-2.0.0~beta.8-4.fc36 golang-github-phayes-freeport-1.0.2-6.fc36 golang-github-pierrec-lz4-4.1.3-5.fc36 golang-github-pierrre-geohash-1.0.0-4.fc36 golang-github-pkg-diff-0-0.4.20210406git20ebb0f.fc36 golang-github-posener-complete-1.2.3-8.fc36 golang-github-posener-complete-2-2.0.1~alpha.13-5.fc36 golang-github-pquerna-ffjson-0-0.9.20200730gitaa0246c.fc36 golang-github-pressly-goose-2.7.0-4.fc36 golang-github-projectdiscovery-chaos-client-0.2.0-2.fc36 golang-github-projectdiscovery-mapcidr-0.0.8-3.fc36 golang-github-prometheus-2.32.1-5.fc36 golang-github-prometheus-alertmanager-0.23.0-9.fc36 golang-github-prometheus-node-exporter-1.3.1-8.fc36 golang-github-prometheus-prom2json-1.3.0-8.20210811git90766c0.fc36 golang-github-prometheus-tsdb-0.10.0-7.fc36 golang-github-quay-goval-parser-0.8.6-4.fc36 golang-github-rakyll-statik-0.1.7-8.fc36 golang-github-rcrowley-metrics-0-0.28.20210110gitcf1acfc.fc36 golang-github-redteampentesting-monsoon-0.6.0-6.fc36 golang-github-rogpeppe-internal-1.8.1-2.fc36 golang-github-rubenv-sql-migrate-0-0.4.20210529gita32ed26.fc36 golang-github-rwcarlsen-goexif-0-0.9.20191017git9e8deec.fc36 golang-github-shellcode33-vm-detection-0-0.6.20200715git4fd05cb.fc36 golang-github-shopify-sarama-1.27.2-5.fc36 golang-github-shulhan-bindata-3.6.1-6.fc36 golang-github-shurcool-vfsgen-0-0.11.20210113git0d455de.fc36 golang-github-skip2-qrcode-0-2.20220316gitda1b656.fc36 golang-github-snappy-0.0.2-6.fc36 golang-github-sourcegraph-syntaxhighlight-0-0.11.20180418gitbd320f5.fc36 golang-github-spf13-cobra-1.4.0-3.fc36 golang-github-tdewolff-minify-2.11.10-3.fc36 golang-github-temoto-robotstxt-1.1.2-3.fc36 golang-github-theupdateframework-notary-0.7.0-5.fc36 golang-github-twitchtv-twirp-8.1.0-4.fc36 golang-github-twpayne-waypoint-0-0.4.20210130git4f8e6bf.fc36 golang-github-u-root-iscsinl-0.1.0-4.fc36 golang-github-uber-athenadriver-1.1.12-5.fc36 golang-github-uber-jaeger-client-2.30.0-2.fc36 golang-github-ulikunitz-xz-0.5.10-4.fc36 golang-github-valyala-fasthttp-1.29.0-3.fc36 golang-github-vbatts-tar-split-0.11.1-10.fc36 golang-github-vincent-petithory-dataurl-0-0.7.20200110gitd1553a7.fc36 golang-github-vmware-govmomi-0.24.0-5.fc36 golang-github-xo-terminfo-0-0.6.20210113gitc22d04b.fc36 golang-github-xordataexchange-crypt-0.0.2-12.20190412gitb2862e3.fc36 golang-github-yuin-gopher-lua-0-23.20220305gitf4c35e4.fc36 golang-gitlab-commonmark-linkify-0-0.9.20200805git64bca66.fc36 golang-google-appengine-1.6.7-5.fc36 golang-google-protobuf-1.27.1-5.fc36 golang-gopkg-neurosnap-sentences-1-1.0.6-14.fc36 golang-gopkg-square-jose-2-2.6.0-3.fc36 golang-gopkg-src-d-git-4-4.13.1-8.fc36 golang-honnef-tools-2021.1.2-2.20220304git852a31a.fc36 golang-jaytaylor-html2text-0-0.2.20220509gitbc68cce.fc36 golang-k8s-apiextensions-apiserver-1.22.0-6.fc36 golang-k8s-code-generator-1.22.0-4.fc36 golang-k8s-kube-aggregator-1.22.0-4.fc36 golang-k8s-kube-openapi-0-0.21.20210813git3c81807.fc36 golang-k8s-pod-security-admission-1.22.0-3.fc36 golang-k8s-sample-apiserver-1.22.0-5.fc36 golang-k8s-sample-cli-plugin-1.22.0-4.fc36 golang-k8s-sample-controller-1.22.0-4.fc36 golang-mongodb-mongo-driver-1.4.5-6.fc36 golang-mvdan-xurls-2.2.0-6.fc36 golang-sourcegraph-appdash-0-0.9.20210113gitebfcffb.fc36 golang-storj-drpc-0.0.31-2.fc36 golang-vbom-util-0-0.11.20190520gitefcd4e0.fc36 golang-x-debug-0-0.14.20210123gitc934e1b.fc36 golang-x-exp-0-0.43.20220330git053ad81.fc36 golang-x-lint-0-16.20210123git83fdc39.fc36 golang-x-mod-0.6.0~dev-3.20220330git9b9b3d8.fc36 golang-x-perf-0-0.15.20210123gitbdcc622.fc36 golang-x-text-0.3.7-2.fc36 golist-0.10.1-9.fc36 goloris-0-0.6.20200326gita59fafb.fc36 gopass-hibp-1.12.0-2.20220511gitd4baae0.fc36 gopass-jsonapi-1.11.1-2.20220511git5dc831e.fc36 gotags-1.4.1-8.fc36 grpcurl-1.8.6-3.fc36 hakrevdns-0-0.5.20201116git9fa2d59.fc36 hcloud-1.29.5-3.fc36 htmltest-0.15.0-3.fc36 httprobe-0.1.2-6.fc36 hulk-0-0.6.20200620git9670699.fc36 jid-0.7.6-9.fc36 kiln-0.2.0-4.fc36 kubernetes-1.24.1-2.fc36 mass3-0-0.6.20200627gite1d5f1a.fc36 meg-0.2.4-6.fc36 meshbird-2.3-6.fc36 micro-2.0.8-5.fc36 moby-engine-20.10.17-3.fc36 mqttcli-0.2.3-2.fc36 nats-server-2.1.9-6.fc36 netscanner-0-0.5.20201116git8baab36.fc36 ohmybackup-0-0.6.20200526git50f2fce.fc36 onionscan-0.2-7.fc36 open-policy-agent-0.31.0-5.fc36 podman-tui-0.4.0-2.fc36 powerline-go-1.21.0-4.fc36 shellz-1.5.0-7.fc36 shhgit-0.2-7.fc36 snapd-2.55.3-2.fc36 snowcrash-0-0.7.20201119git49b99ad.fc36 source-to-image-1.3.1-4.fc36 subfinder-2.5.2-2.fc36 syncthing-1.20.2-2.fc36 sysutil-0-0.7.20200615git15668db.fc36 terrier-0.0.2-6.fc36 tiedot-3.4-8.fc36 toolbox-0.0.99.3-5.fc36 vgrep-2.6.0-2.fc36 vultr-2.0.3-5.fc36 vultr-cli-2.12.2-2.fc36 webanalyze-0.3.1-6.fc36 weldr-client-35.5-2.fc36 wgctrl-0-0.11.20210811git4253848.fc36 xq-0.0.7-4.fc36 yggdrasil-0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc36 yubihsm-connector-3.0.2-3.fc36
Read Time:12 Minute, 4 Second
FEDORA-2022-fae3ecee19
Packages in this update:
3mux-1.1.0-5.fc36
act-1.6.0-6.fc36
aerc-0.10.0-3.fc36
age-1.0.0-5.fc36
apache-cloudstack-cloudmonkey-6.2.0-3.fc36
aquatone-1.7.0-7.fc36
aron-0-0.6.20200626git7eade58.fc36
asnip-0-0.6.20200618git44ba98b.fc36
assetfinder-0.1.0-6.fc36
bettercap-2.32.0-4.fc36
cadvisor-0.44.1-2.fc36
chisel-1.7.7-3.fc36
clash-1.8.0-4.fc36
commit-stream-0.1.2-7.fc36
containerd-1.6.6-3.fc36
direnv-2.28.0-5.fc36
dnscrypt-proxy-2.1.1-4.fc36
dnsx-1.1.0-3.fc36
douceur-0.2.0-14.fc36
duf-0.8.1-3.fc36
ffuf-1.0.2-6.fc36
fzf-0.30.0-3.fc36
geoipupdate-4.9.0-2.fc36
gh-2.12.1-3.fc36
git-time-metric-1.3.5-15.fc36
glide-0.13.2-10.fc36
goaltdns-0-0.7.20200627git2b3e8a3.fc36
gobuster-3.1.0-3.fc36
godoctor-0.6-12.fc36
godotenv-1.4.0-4.fc36
gojq-0.12.8-3.fc36
golang-bug-serial-1-1.3.5-3.fc36
golang-contrib-opencensus-resource-0.1.2-7.fc36
golang-etcd-bbolt-1.3.6-4.fc36
golang-gioui-0-8.20201225git18d4dbf.fc36
golang-github-a8m-tree-0-0.16.20210725gitce3525c.fc36
golang-github-acme-lego-4.4.0-6.fc36
golang-github-ajstarks-deck-0-0.12.20210114git30c9fc6.fc36
golang-github-akavel-rsrc-0.10.2-4.fc36
golang-github-alecthomas-chroma-0.10.0-3.fc36
golang-github-aliyun-ossutil-1.7.9-3.fc36
golang-github-andybalholm-cascadia-1.2.0-6.fc36
golang-github-apache-beam-2-2.33.0~RC1-7.fc36
golang-github-appc-docker2aci-0.17.2-9.fc36
golang-github-appc-goaci-0.1.1-12.fc36
golang-github-appc-spec-0.8.11-14.fc36
golang-github-aryann-difflib-0-0.5.20200822gite206f87.fc36
golang-github-aws-lambda-1.26.0-4.fc36
golang-github-axgle-mahonia-0-0.13.20181112git3358181.fc36
golang-github-bifurcation-mint-0-0.9.20200724git93c820e.fc36
golang-github-bobesa-domain-util-0-0.6.20200504git4033b5f.fc36
golang-github-burntsushi-toml-1.0.0-5.fc36
golang-github-burntsushi-toml-test-0.2.0-11.20210108git9767d20.fc36
golang-github-burntsushi-xgb-0-0.15.20210108git5f9e7b3.fc36
golang-github-cactus-statsd-client-5.0.0-5.fc36
golang-github-c-bata-prompt-0.2.6-4.fc36
golang-github-cespare-xxhash-2.1.2-3.fc36
golang-github-chai2010-gettext-1.0.2-6.fc36
golang-github-chris-ramon-douceur-0.2.0-5.20200910gitf346305.fc36
golang-github-christrenkamp-goxpath-0-0.6.20200627gitc5096ec.fc36
golang-github-cilium-ebpf-0.8.0-2.fc36
golang-github-client9-plaintext-0-0.8.20190703git5bf47e7.fc36
golang-github-cloudflare-0.21.0-3.fc36
golang-github-cloudflare-redoctober-0-0.11.20210114git99c99a8.fc36
golang-github-cockroachdb-pebble-0-0.8.20210108git48f5530.fc36
golang-github-colinmarc-hdfs-2-2.2.0-4.fc36
golang-github-containerd-continuity-0.2.2-3.fc36
golang-github-containerd-fuse-overlayfs-snapshotter-1.0.2-7.fc36
golang-github-containerd-stargz-snapshotter-0.10.1-2.fc36
golang-github-containernetworking-cni-1.1.1-4.fc36
golang-github-coredns-corefile-migration-1.0.11-6.fc36
golang-github-cpu-goacmedns-0.1.1-5.fc36
golang-github-cpuguy83-md2man-2.0.2-2.fc36
golang-github-crossdock-0-0.8.20190628git049aabb.fc36
golang-github-cucumber-godog-0.12.1-4.fc36
golang-github-dave-jennifer-1.4.1-5.fc36
golang-github-deepmap-oapi-codegen-1.8.2-3.fc36
golang-github-dgrijalva-jwt-3.2.0-11.fc36
golang-github-dreamacro-shadowsocks2-0.1.7-6.fc36
golang-github-dustinkirkland-petname-0-0.6.20200605git8e5a1ed.fc36
golang-github-eknkc-amber-0-0.17.20190601gitcdade1c.fc36
golang-github-elazarl-bindata-assetfs-1.0.1-9.fc36
golang-github-emersion-smtp-0.15.0-4.fc36
golang-github-envoyproxy-protoc-gen-validate-0.4.1-6.fc36
golang-github-etcd-io-gofail-0-0.3.20210808gitad7f989.fc36
golang-github-evanphx-json-patch-5.5.0-3.fc36
golang-github-evanw-esbuild-0.14.38-2.fc36
golang-github-fernet-0-0.9.20200726giteff2850.fc36
golang-github-francoispqt-gojay-1.2.13-7.fc36
golang-github-fvbommel-util-0.0.3-5.fc36
golang-github-gdamore-tcell-1.4.0-5.fc36
golang-github-gdamore-tcell-2-2.5.0-2.fc36
golang-github-geertjohan-rice-1.0.2-5.fc36
golang-github-gobuffalo-here-0.6.2-5.fc36
golang-github-gobwas-ws-1.1.0-3.fc36
golang-github-gocolly-colly-2-2.1.0-4.20210920git2f09941.fc36
golang-github-gogo-googleapis-1.4.1-4.fc36
golang-github-gohugoio-localescompressed-1.0.1-2.fc36
golang-github-gohugoio-testmodbuilder-0-0.10.20201030git72e1e0c.fc36
golang-github-golangci-lint-1-0-0.5.20200828gitd2cdd8c.fc36
golang-github-googleapis-gnostic-0.5.3-6.fc36
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-6.fc36
golang-github-google-jsonnet-0.17.0-5.fc36
golang-github-google-martian-3.1.0-9.fc36
golang-github-google-pprof-0-16.20210802gitc50bf4f.fc36
golang-github-google-slothfs-0-0.11.20200727git59c1163.fc36
golang-github-google-wire-0.5.0-3.fc36
golang-github-gorhill-cronexpr-1.0.0-4.fc36
golang-github-grpc-ecosystem-gateway-2-2.7.3-4.fc36
golang-github-gucumber-0-0.23.20190703git7d5c79e.fc36
golang-github-haproxytech-client-native-2.5.3-3.fc36
golang-github-haproxytech-dataplaneapi-2.4.4-4.fc36
golang-github-hashicorp-consul-migrate-0.1.0-9.20190602git678fb10.fc36
golang-github-hashicorp-hclog-0.15.0-5.fc36
golang-github-hashicorp-memdb-1.3.0-5.fc36
golang-github-hashicorp-serf-0.9.5-5.fc36
golang-github-hashicorp-sockaddr-1.0.2-11.fc36
golang-github-hpcloud-tail-1.0.0-10.20190325gita1dbeea.fc36
golang-github-insomniacslk-termhook-0-6.20210406gita267c97.fc36
golang-github-instrumenta-kubeval-0.15.0-8.fc36
golang-github-intel-goresctrl-0.2.0-5.fc36
golang-github-j-keck-arping-1.0.2-3.fc36
golang-github-jmespath-0.4.0-5.fc36
golang-github-jsonnet-bundler-0.4.0-8.fc36
golang-github-jwt-3.2.2-3.fc36
golang-github-krishicks-yaml-patch-0.0.10-8.20200307git05b3177.fc36
golang-github-kr-text-0.2.0-5.fc36
golang-github-kyokomi-emoji-2.2.8-5.fc36
golang-github-ledisdb-0.6-5.20210112gitd35789e.fc36
golang-github-leonelquinteros-gotext-1.5.0-2.fc36
golang-github-leveldb-0-0.9.20190701git259d925.fc36
golang-github-liamg-tml-0.6.0-2.fc36
golang-github-magefile-mage-1.11.0-5.fc36
golang-github-mailru-easyjson-0.7.6-5.fc36
golang-github-markbates-pkger-0.17.1-5.fc36
golang-github-martinhoefling-goxkcdpwgen-0.1.0-2.fc36
golang-github-mattn-colorable-0.1.8-5.fc36
golang-github-mdlayher-dhcp6-0-0.8.20200429git2a67805.fc36
golang-github-mgutz-ansi-0-0.13.20200729gitd51e80e.fc36
golang-github-mholt-archiver-3.5.1-3.fc36
golang-github-microcosm-cc-bluemonday-1.0.17-3.fc36
golang-github-mmarkdown-mmark-2.2.10-5.fc36
golang-github-mock-1.6.0-3.fc36
golang-github-morikuni-aec-1.0.0-5.fc36
golang-github-mrunalp-fileutils-0.5.0-5.fc36
golang-github-multiformats-multibase-0.0.3-2.20220213gitf067816.fc36
golang-github-multiformats-multihash-0.1.0-2.fc36
golang-github-mvo5-uboot-0.4-10.fc36
golang-github-nats-io-nkeys-0.2.0-5.fc36
golang-github-nats-io-streaming-server-0.20.0-5.fc36
golang-github-nbutton23-zxcvbn-0.1-8.20210110gite56b841.fc36
golang-github-nicksnyder-i18n-2-2.1.2-5.fc36
golang-github-nxadm-tail-1.4.6-7.fc36
golang-github-oklog-0.3.2-10.20190701gitca7cdf5.fc36
golang-github-oklog-ulid-2.0.2-10.fc36
golang-github-olekukonko-tablewriter-0.0.5-3.fc36
golang-github-oneofone-xxhash-1.2.8-5.fc36
golang-github-onsi-ginkgo-2-2.1.4-2.fc36
golang-github-pact-foundation-1.5.1-6.fc36
golang-github-pdfcpu-0.3.13-2.fc36
golang-github-pelletier-toml-1.9.4-2.fc36
golang-github-pelletier-toml-2-2.0.0~beta.8-4.fc36
golang-github-phayes-freeport-1.0.2-6.fc36
golang-github-pierrec-lz4-4.1.3-5.fc36
golang-github-pierrre-geohash-1.0.0-4.fc36
golang-github-pkg-diff-0-0.4.20210406git20ebb0f.fc36
golang-github-posener-complete-1.2.3-8.fc36
golang-github-posener-complete-2-2.0.1~alpha.13-5.fc36
golang-github-pquerna-ffjson-0-0.9.20200730gitaa0246c.fc36
golang-github-pressly-goose-2.7.0-4.fc36
golang-github-projectdiscovery-chaos-client-0.2.0-2.fc36
golang-github-projectdiscovery-mapcidr-0.0.8-3.fc36
golang-github-prometheus-2.32.1-5.fc36
golang-github-prometheus-alertmanager-0.23.0-9.fc36
golang-github-prometheus-node-exporter-1.3.1-8.fc36
golang-github-prometheus-prom2json-1.3.0-8.20210811git90766c0.fc36
golang-github-prometheus-tsdb-0.10.0-7.fc36
golang-github-quay-goval-parser-0.8.6-4.fc36
golang-github-rakyll-statik-0.1.7-8.fc36
golang-github-rcrowley-metrics-0-0.28.20210110gitcf1acfc.fc36
golang-github-redteampentesting-monsoon-0.6.0-6.fc36
golang-github-rogpeppe-internal-1.8.1-2.fc36
golang-github-rubenv-sql-migrate-0-0.4.20210529gita32ed26.fc36
golang-github-rwcarlsen-goexif-0-0.9.20191017git9e8deec.fc36
golang-github-shellcode33-vm-detection-0-0.6.20200715git4fd05cb.fc36
golang-github-shopify-sarama-1.27.2-5.fc36
golang-github-shulhan-bindata-3.6.1-6.fc36
golang-github-shurcool-vfsgen-0-0.11.20210113git0d455de.fc36
golang-github-skip2-qrcode-0-2.20220316gitda1b656.fc36
golang-github-snappy-0.0.2-6.fc36
golang-github-sourcegraph-syntaxhighlight-0-0.11.20180418gitbd320f5.fc36
golang-github-spf13-cobra-1.4.0-3.fc36
golang-github-tdewolff-minify-2.11.10-3.fc36
golang-github-temoto-robotstxt-1.1.2-3.fc36
golang-github-theupdateframework-notary-0.7.0-5.fc36
golang-github-twitchtv-twirp-8.1.0-4.fc36
golang-github-twpayne-waypoint-0-0.4.20210130git4f8e6bf.fc36
golang-github-uber-athenadriver-1.1.12-5.fc36
golang-github-uber-jaeger-client-2.30.0-2.fc36
golang-github-ulikunitz-xz-0.5.10-4.fc36
golang-github-u-root-iscsinl-0.1.0-4.fc36
golang-github-valyala-fasthttp-1.29.0-3.fc36
golang-github-vbatts-tar-split-0.11.1-10.fc36
golang-github-vincent-petithory-dataurl-0-0.7.20200110gitd1553a7.fc36
golang-github-vmware-govmomi-0.24.0-5.fc36
golang-github-xordataexchange-crypt-0.0.2-12.20190412gitb2862e3.fc36
golang-github-xo-terminfo-0-0.6.20210113gitc22d04b.fc36
golang-github-yuin-gopher-lua-0-23.20220305gitf4c35e4.fc36
golang-gitlab-commonmark-linkify-0-0.9.20200805git64bca66.fc36
golang-google-appengine-1.6.7-5.fc36
golang-google-protobuf-1.27.1-5.fc36
golang-gopkg-neurosnap-sentences-1-1.0.6-14.fc36
golang-gopkg-square-jose-2-2.6.0-3.fc36
golang-gopkg-src-d-git-4-4.13.1-8.fc36
golang-honnef-tools-2021.1.2-2.20220304git852a31a.fc36
golang-jaytaylor-html2text-0-0.2.20220509gitbc68cce.fc36
golang-k8s-apiextensions-apiserver-1.22.0-6.fc36
golang-k8s-code-generator-1.22.0-4.fc36
golang-k8s-kube-aggregator-1.22.0-4.fc36
golang-k8s-kube-openapi-0-0.21.20210813git3c81807.fc36
golang-k8s-pod-security-admission-1.22.0-3.fc36
golang-k8s-sample-apiserver-1.22.0-5.fc36
golang-k8s-sample-cli-plugin-1.22.0-4.fc36
golang-k8s-sample-controller-1.22.0-4.fc36
golang-mongodb-mongo-driver-1.4.5-6.fc36
golang-mvdan-xurls-2.2.0-6.fc36
golang-sourcegraph-appdash-0-0.9.20210113gitebfcffb.fc36
golang-storj-drpc-0.0.31-2.fc36
golang-vbom-util-0-0.11.20190520gitefcd4e0.fc36
golang-x-debug-0-0.14.20210123gitc934e1b.fc36
golang-x-exp-0-0.43.20220330git053ad81.fc36
golang-x-lint-0-16.20210123git83fdc39.fc36
golang-x-mod-0.6.0~dev-3.20220330git9b9b3d8.fc36
golang-x-perf-0-0.15.20210123gitbdcc622.fc36
golang-x-text-0.3.7-2.fc36
golist-0.10.1-9.fc36
goloris-0-0.6.20200326gita59fafb.fc36
gopass-hibp-1.12.0-2.20220511gitd4baae0.fc36
gopass-jsonapi-1.11.1-2.20220511git5dc831e.fc36
gotags-1.4.1-8.fc36
grpcurl-1.8.6-3.fc36
hakrevdns-0-0.5.20201116git9fa2d59.fc36
hcloud-1.29.5-3.fc36
htmltest-0.15.0-3.fc36
httprobe-0.1.2-6.fc36
hulk-0-0.6.20200620git9670699.fc36
jid-0.7.6-9.fc36
kiln-0.2.0-4.fc36
kubernetes-1.24.1-2.fc36
mass3-0-0.6.20200627gite1d5f1a.fc36
meg-0.2.4-6.fc36
meshbird-2.3-6.fc36
micro-2.0.8-5.fc36
moby-engine-20.10.17-3.fc36
mqttcli-0.2.3-2.fc36
nats-server-2.1.9-6.fc36
netscanner-0-0.5.20201116git8baab36.fc36
ohmybackup-0-0.6.20200526git50f2fce.fc36
onionscan-0.2-7.fc36
open-policy-agent-0.31.0-5.fc36
podman-tui-0.4.0-2.fc36
powerline-go-1.21.0-4.fc36
shellz-1.5.0-7.fc36
shhgit-0.2-7.fc36
snapd-2.55.3-2.fc36
snowcrash-0-0.7.20201119git49b99ad.fc36
source-to-image-1.3.1-4.fc36
subfinder-2.5.2-2.fc36
syncthing-1.20.2-2.fc36
sysutil-0-0.7.20200615git15668db.fc36
terrier-0.0.2-6.fc36
tiedot-3.4-8.fc36
toolbox-0.0.99.3-5.fc36
vgrep-2.6.0-2.fc36
vultr-2.0.3-5.fc36
vultr-cli-2.12.2-2.fc36
webanalyze-0.3.1-6.fc36
weldr-client-35.5-2.fc36
wgctrl-0-0.11.20210811git4253848.fc36
xq-0.0.7-4.fc36
yggdrasil-0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc36
yubihsm-connector-3.0.2-3.fc36
Update description:
Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629
Update to 1.1.0
Disable package_note on arm too
update to 0.44.1 rhbz#2007854
Add missing archive
Update to 0.0.31 – Close: rhbz#1963535
#InfosecurityEurope2022 Defense Looks to Bring Cyber Into the Mainstream
Read Time:6 Second
UK forces need talent and skills to allow the UK to counter cyber-threats and defend its interests
USN-5489-1: QEMU vulnerabilities
Read Time:1 Minute, 17 Second
Alexander Bulekov discovered that QEMU incorrectly handled floppy disk
emulation. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service, or possibly leak
sensitive information. (CVE-2021-3507)
It was discovered that QEMU incorrectly handled NVME controller emulation.
An attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS. (CVE-2021-3929)
It was discovered that QEMU incorrectly handled QXL display device
emulation. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-4206, CVE-2021-4207)
Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that QEMU
incorrectly handled the virtiofsd shared file system daemon. An attacker
inside the guest could use this issue to create files with incorrect
ownership, possibly leading to privilege escalation. This issue only
affected Ubuntu 22.04 LTS. (CVE-2022-0358)
It was discovered that QEMU incorrectly handled virtio-net devices. A
privileged attacker inside the guest could use this issue to cause QEMU to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-26353)
It was discovered that QEMU incorrectly handled vhost-vsock devices. A
privileged attacker inside the guest could use this issue to cause QEMU to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-26354)
USN-5488-1: OpenSSL vulnerability
Read Time:9 Second
Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the
c_rehash script. A local attacker could possibly use this issue to execute
arbitrary commands when c_rehash is run.
#Infosec2022: Ransomware: Payment Decisions Finely Balanced
Read Time:6 Second
Firms need to weigh up operational, ethical and financial issues when deciding whether to pay ransomware, according to experts
USN-5487-1: Apache HTTP Server vulnerabilities
Read Time:59 Second
It was discovered that Apache HTTP Server mod_proxy_ajp incorrectly handled
certain crafted request. A remote attacker could possibly use this issue to
perform an HTTP Request Smuggling attack. (CVE-2022-26377)
It was discovered that Apache HTTP Server incorrectly handled certain
request. An attacker could possibly use this issue to cause a denial
of service. (CVE-2022-28614)
It was discovered that Apache HTTP Server incorrectly handled certain request.
An attacker could possibly use this issue to cause a crash or expose
sensitive information. (CVE-2022-28615)
It was discovered that Apache HTTP Server incorrectly handled certain request.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-29404)
It was discovered that Apache HTTP Server incorrectly handled certain
request. An attacker could possibly use this issue to cause a crash.
(CVE-2022-30522)
It was discovered that Apache HTTP Server incorrectly handled certain request.
An attacker could possibly use this issue to execute arbitrary code or cause
a crash. (CVE-2022-30556)
It was discovered that Apache HTTP Server incorrectly handled certain request.
An attacker could possibly use this issue to bypass IP based authentication.
(CVE-2022-31813)
Hidden Anti-Cryptography Provisions in Internet Anti-Trust Bills
Read Time:3 Minute, 17 Second
Two bills attempting to reduce the power of Internet monopolies are currently being debated in Congress: S. 2992, the American Innovation and Choice Online Act; and S. 2710, the Open App Markets Act. Reducing the power to tech monopolies would do more to “fix” the Internet than any other single action, and I am generally in favor of them both. (The Center for American Progress wrote a good summary and evaluation of them. I have written in support of the bill that would force Google and Apple to give up their monopolies on their phone app stores.)
There is a significant problem, though. Both bills have provisions that could be used to break end-to-end encryption.
Let’s start with S. 2992. Sec. 3(c)(7)(A)(iii) would allow a company to deny access to apps installed by users, where those app makers “have been identified [by the Federal Government] as national security, intelligence, or law enforcement risks.” That language is far too broad. It would allow Apple to deny access to an encryption service provider that provides encrypted cloud backups to the cloud (which Apple does not currently offer). All Apple would need to do is point to any number of FBI materials decrying the security risks with “warrant proof encryption.”
Sec. 3(c)(7)(A)(vi) states that there shall be no liability for a platform “solely” because it offers “end-to-end encryption.” This language is too narrow. The word “solely” suggests that offering end-to-end encryption could be a factor in determining liability, provided that it is not the only reason. This is very similar to one of the problems with the encryption carve-out in the EARN IT Act. The section also doesn’t mention any other important privacy-protective features and policies, which also shouldn’t be the basis for creating liability for a covered platform under Sec. 3(a).
In Sec. 2(a)(2), the definition of business user excludes any person who “is a clear national security risk.” This term is undefined, and as such far too broad. It can easily be interpreted to cover any company that offers an end-to-end encrypted alternative, or a service offered in a country whose privacy laws forbid disclosing data in response to US court-ordered surveillance. Again, the FBI’s repeated statements about end-to-end encryption could serve as support.
Finally, under Sec. 3(b)(2)(B), platforms have an affirmative defense for conduct that would otherwise violate the Act if they do so in order to “protect safety, user privacy, the security of nonpublic data, or the security of the covered platform.” This language is too vague, and could be used to deny users the ability to use competing services that offer better security/privacy than the incumbent platform—particularly where the platform offers subpar security in the name of “public safety.” For example, today Apple only offers unencrypted iCloud backups, which it can then turn over governments who claim this is necessary for “public safety.” Apple can raise this defense to justify its blocking third-party services from offering competing, end-to-end encrypted backups of iMessage and other sensitive data stored on an iPhone.
S. 2710 has similar problems. Sec 7. (6)(B) contains language specifying that the bill does not “require a covered company to interoperate or share data with persons or business users that…have been identified by the Federal Government as national security, intelligence, or law enforcement risks.” This would mean that Apple could ignore the prohibition against private APIs, and deny access to otherwise private APIs, for developers of encryption products that have been publicly identified by the FBI. That is, end-to-end encryption products.
I want those bills to pass, but I want those provisions cleared up so we don’t lose strong end-to-end encryption in our attempt to reign in the tech monopolies.
Microsoft Out-of-Band Update Fixes Arm Device Issues
The three core strengths of USM Anywhere
Read Time:3 Minute, 20 Second
This blog was written by an independent guest blogger.
USM Anywhere is the ideal solution for small and mid-sized businesses that need multiple high-quality security tools in a single, unified package.
There’s no reason large, global enterprises should have a monopoly on top cybersecurity technology. Solutions like USM Anywhere give smaller organizations access to security tools that are both effective and affordable.
USM Anywhere offers a centralized solution for monitoring networks and devices for security threats. It secures devices operating on-premises, remotely, and in the cloud. By combining multiple security tools into a single, streamlined interface, USM Anywhere gives smaller organizations a competitive solution for obtaining best-in-class security outcomes.
Castra’s extensive experience working with USM Anywhere has given us unique insight into the value it represents. There is a clear difference in security returns and outcomes between USM Anywhere users and those that put their faith in proprietary solutions developed by managed security service providers. This is especially true for organizations with less than 1000 employees, where management is under considerable pressure to justify security expenditures.
Three ways USM Anywhere outperforms
USM Anywhere furnishes organizations with essential security capabilities right out of the box. It is a full-featured security information and event management platform that enables analysts to discover assets, assess vulnerabilities, detect threats, and respond to security incidents. It features built-in and customizable compliance reporting capabilities, as well as behavioral monitoring capabilities.
These features, along with the platform’s uniquely integrated architecture, provide valuable benefits to security-conscious organizations:
1. Automated log management
USM Anywhere enables analysts to automate log collection and event data from data sources throughout the IT environment. With the right configuration, analysts can receive normalized logs enriched with appropriate data and retain them in a compliant storage solution.
This eliminates the need for costly and time-consuming manual log aggregation, significantly improving the productivity of every employee-hour spent on security tasks. Improved logging efficiency gives security teams more time to spend on strategic, high-value initiatives that generate significant returns.
2. Cloud platform API integration
USM Anywhere integrates with the most popular cloud and productivity platforms, including Office 365 and Amazon AWS.
With the Office 365 Management API, analysts can monitor user and administrator activities throughout the entire Microsoft environment. This makes it easy for analysts to detect anomalies like users logging in from unfamiliar territories, changing mailbox privileges, or sending sensitive data outside the organization.
The CloudWatch and CloudTrail APIs allow analysts to monitor AWS environments and review log activity within the cloud. Gain real-time visibility into asset creation, security group configurations, and S3 access control changes directly through an intuitive, unified SIEM interface.
3. Orchestrated response capabilities
Analysts need accurate, real-time data on suspicious activities so they can categorize attacks and orchestrate a coherent response. USM Anywhere gives analysts access to full details about attack methods, strategies, and response guidance.
AlienApps™ users can extend USM Anywhere capabilities to third-party security and management platforms, allowing analysts to initiate and orchestrate comprehensive event response from within the USM Anywhere user interface. This allows Castra analysts to automate the integration of Palo Alto Cortex XDR capabilities and Anomali Threat Intelligence data from directly within USM Anywhere.
Make Castra your USM Anywhere partner
Castra has been an AlienVault partner since 2013, successfully deploying the company’s security technologies thousands of times. Our remarkable customer renewal rate of almost 100% stands a testament to the effectiveness of our approach. Working with Castra gives you visibility and control over your security posture, while supporting it with qualified expertise on demand.
We have worked closely with AT&T’s USM Anywhere development team for years, providing critical feedback even before AlienVault was publicly released. Our security analysts have deep knowledge of this platform and can personalize its performance to meet your security objectives and compliance needs to the letter. Speak to a Castra expert about optimizing your SIEM deployment to find out more.