FEDORA-2022-0dbfb7e270
Packages in this update:
gnupg1-1.4.23-18.fc35
Update description:
Security fix for CVE-2022-34903
gnupg1-1.4.23-18.fc35
Security fix for CVE-2022-34903
gnupg1-1.4.23-18.fc36
Security fix for CVE-2022-34903
An SBOM is a formal, structured record that not only details the components of a software product, but also describes their supply chain relationship. An SBOM outlines both what packages and libraries went into your application and the relationship between those packages and libraries and other upstream projects—something that’s of particular importance when it comes to reused code and open source.
You might be familiar with a bill of materials for an automobile. This is a document that goes into great detail about every component that makes your new car run. The auto supply chain is notoriously complex, and even though your car was assembled by Toyota or General Motors, many of its component parts were built by subcontractors around the world. The bill of materials tells you where each of those parts came from, and that knowledge isn’t just an interesting bit of trivia. If a certain production run of airbags has been recalled, car manufacturers need a quick way to know where those particular airbags ended up.
lua-5.4.4-3.fc35
Update to the latest bugfixes (1-5) against 5.4.4. Includes fixes for CVE-2022-28805 and CVE-2022-33099.
lua-5.4.4-3.fc36
Update to the latest bugfixes (1-5) against 5.4.4. Includes fixes for CVE-2022-28805 and CVE-2022-33099.
Israel-based SASE (secure access service edge) provider Cato Networks has announced a security service edge (SSE) offering, Cato SSE 360, that includes Cato DLP, a capability for data loss protection across business applications that allows for customizable rules.
Along with SSE 360, Cato is also offering a new expert certification for the SSE architecture.
“Traditional SSE architectures are mostly proxy-based solutions which have limited visibility and control over WAN traffic as they only take into account the traffic from users to the internet,” says Boaz Avigad, director of product marketing at Cato Networks. “However, at some point they’ll need to cover data centers, on-prem and cloud. Cato SSE 360 does that.”
osmo-0.4.4-2.fc36
removes phishing site as URL, and updates to new.
explicitly BuildRequires gcc
osmo-0.4.4-2.fc35
removes phishing site as URL, and updates to new.
explicitly BuildRequires gcc
Hackers can exploit vulnerabilities in a popular GPS tracking device used around the world for vehicle fleet management across many industry sectors. The tracker, made by a Chinese company called MiCODUS, is widely available to purchase from online retailers and has anti-theft, fuel cut off, remote control, and geofencing capabilities.
“The exploitation of these vulnerabilities could have disastrous and even life-threatening implications,” researchers from cybersecurity assessment firm BitSight said in a report. “For example, an attacker could exploit some of the vulnerabilities to cut fuel to an entire fleet of commercial or emergency vehicles. Or the attacker could leverage GPS information to monitor and abruptly stop vehicles on dangerous highways. Attackers could choose to surreptitiously track individuals or demand ransom payments to return disabled vehicles to working condition. There are many possible scenarios which could result in loss of life, property damage, privacy intrusions, and threaten national security.”