FEDORA-2022-3482bd98e6
Packages in this update:
thunderbird-91.10.0-1.fc35
Update description:
Update to 91.10.0
See https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/
Update to 91.9.1
thunderbird-91.10.0-1.fc35
Update to 91.10.0
See https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/
Update to 91.9.1
mutt-2.2.5-1.fc36
Upgrade to 2.3.5
Upgrade to 2.2.3
thunderbird-91.10.0-1.fc36
Update to 91.10.0
See https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/
The lawyers continue to gather their billable hours as the legal tussle between data science company hiQ Labs and LinkedIn plays out in the United States federal courts. The most recent update took place in the Ninth Circuit Court of Appeals, with Judge Marsha Berzon writing the opinion, where hiQ Labs was granted a continued preliminary injunction, which would allow the company access LinkedIn’s publicly available corpus of data. The ruling also remanded the companies for further proceedings on the subject. In addition, the court held that hiQ’s actions do not violate the U.S. Computer Fraud and Abuse Act (CFAA).
If you have a traditional domain, it’s time to audit your Active Directory. In fact, it’s probably way past time. You probably have accounts that have been unchanged for years and might not have reviewed settings or registry entries. Attackers know that these domains have legacy settings that allow them to take greater control and use techniques to gain domain rights. Active Directory security came into the news with the release of several updates in May, you need to take many more steps than mere patching to protect your network.
Microsoft’s server tools include Best Practices Analyzer (BPA), but it doesn’t identify some of the means that attackers use to go after Active Directory domains. Several other resources analyze the health and security of Active Directory domains including Purple Knight from Semperis, PingCastle, or Quest’s Active Directory health check tool.
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Visual Studio. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.