Read Time:8 Second
FEDORA-EPEL-2022-1fbc5ebf38
Packages in this update:
python-elasticsearch-7.17.4-1.el9
Update description:
Update to 7.17.4 (rhbz #2066385 + #2072294 and #2094515)
Monthly Archives: June 2022
ntfs-3g-2022.5.17-1.fc35
Read Time:7 Second
FEDORA-2022-8fa7e5aeaf
Packages in this update:
ntfs-3g-2022.5.17-1.fc35
Update description:
New upstream version 2022.5.17
ntfs-3g-2022.5.17-1.fc36
Read Time:7 Second
FEDORA-2022-8f775872c9
Packages in this update:
ntfs-3g-2022.5.17-1.fc36
Update description:
New upstream version 2022.5.17
CVE-2019-25063
Read Time:12 Second
A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected is an unknown function of the component Device Viewer. The manipulation leads to memory corruption. Local access is required to approach this attack.
CVE-2019-25062
Read Time:15 Second
A vulnerability was found in Sricam IP CCTV Camera and classified as critical. This issue affects some unknown processing of the component Device Viewer. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Best practices for deploying multi-factor authentication on Microsoft networks
Read Time:30 Second
Microsoft will soon change the mandate to multi-factor authentication (MFA) with changes to Microsoft 365 defaults. As Microsoft points out, “When we look at hacked accounts, more than 99.9% don’t have MFA, making them vulnerable to password spray, phishing and password reuse. “Based on usage patterns, we’ll start [mandating MFA] with organizations that are a good fit for security defaults. Specifically, we will start with customers who aren’t using Conditional Access, haven’t used security defaults before, and aren’t actively using legacy authentication clients.”
6 top attributes employers want in new CISOs
Read Time:50 Second
Looking for your next position as a CISO, preferably one with more pay, better benefits, and more on-the-job responsibilities/respect? Then you need to know what skills and qualities prospective employers are seeking now from their CISO hires to maximize your chances of getting your dream job. Here are the top six attributes recruiters sayorganizations are looking for in a CISO.
1. Previous CISO experience (probably)
Today’s employers expect new CISOs to bring a wealth of skills to their positions. According to Burke Autrey, partner and CEO of IT talent recruitment firm Fortium Partners, organizations are seeking experienced candidates who have served as CISOs “multiple times at multiple companies.” In their previous positions, their duties will have covered “governance, compliance, monitoring/threat detection, and incident response as a leader,” he says. Such CISOs will have also gained experience in managing “budgets, people resources, peer executive and board interaction, and law enforcement and insurance liaison responsibilities.”
Attacker Dwell Time Surges 36% in 2021
php-8.1.7-1.fc36
Read Time:1 Minute, 22 Second
FEDORA-2022-f3fc52428e
Packages in this update:
php-8.1.7-1.fc36
Update description:
PHP version 8.1.7 (09 Jun 2022)
CLI:
Fixed bug GH-8575 (CLI closes standard streams too early). (Levi Morrison)
Date:
Fixed bug php#51934 (strtotime plurals / incorrect time). (Derick)
Fixed bug php#51987 (Datetime fails to parse an ISO 8601 ordinal date (extended format)). (Derick)
Fixed bug php#66019 (DateTime object does not support short ISO 8601 time format – YYYY-MM-DDTHH) (cmb, Derick)
Fixed bug php#68549 (Timezones and offsets are not properly used when working with dates) (Derick, Roel Harbers)
Fixed bug php#81565 (date parsing fails when provided with timezones including seconds). (Derick)
Fixed bug GH-7758 (Problems with negative timestamps and fractions). (Derick, Ilija)
FPM:
Fixed ACL build check on MacOS. (David Carlier)
Fixed bug php#72185: php-fpm writes empty fcgi record causing nginx 502. (Jakub Zelenka, loveharmful)
mysqlnd:
Fixed bug php#81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626) (c dot fol at ambionics dot io)
OPcache:
Fixed bug GH-8461 (tracing JIT crash after function/method change). (Arnaud, Dmitry)
OpenSSL:
Fixed bug php#79589 (error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading). (Jakub Zelenka)
Pcntl:
Fixed Haiku build. (David Carlier)
pgsql
Fixed bug php#81720: Uninitialized array in pg_query_params(). (CVE-2022-31625) (cmb)
Soap:
Fixed bug GH-8578 (Error on wrong parameter on SoapHeader constructor). (robertnisipeanu)
Fixed bug GH-8538 (SoapClient may strip parts of nmtokens). (cmb)
SPL:
Fixed bug GH-8235 (iterator_count() may run indefinitely). (cmb)
Standard:
Fixed bug GH-8185 (Crash during unloading of extension after dl() in ZTS). (Arnaud)
php-8.0.20-1.fc35
Read Time:54 Second
FEDORA-2022-0a96e5b9b1
Packages in this update:
php-8.0.20-1.fc35
Update description:
PHP version 8.0.20 (09 Jun 2022)
CLI:
Fixed bug GH-8575 (CLI closes standard streams too early). (Levi Morrison)
Core:
Fixed Haiku ZTS builds. (David Carlier)
Date:
Fixed bug GH-8471 (Segmentation fault when converting immutable and mutable DateTime instances created using reflection). (Derick)
FPM:
Fixed ACL build check on MacOS. (David Carlier)
Fixed bug php#72185: php-fpm writes empty fcgi record causing nginx 502. (Jakub Zelenka, loveharmful)
Mysqlnd:
Fixed bug php#81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626) (c dot fol at ambionics dot io)
OPcache:
Fixed bug GH-8466 (ini_get() is optimized out when the option does not exist). (Arnaud)
Pcntl:
Fixed Haiku build. (David Carlier)
Pgsql:
Fixed bug php#81720: Uninitialized array in pg_query_params(). (CVE-2022-31625) (cmb)
Soap:
Fixed bug GH-8578 (Error on wrong parameter on SoapHeader constructor). (robertnisipeanu)
Fixed bug GH-8538 (SoapClient may strip parts of nmtokens). (cmb)
SPL:
Fixed bug GH-8235 (iterator_count() may run indefinitely). (cmb)