The default privileges for the running service Normand Service Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.
The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.
wavpack-5.5.0-2.fc35
Security fix for CVE-2022-2476
wavpack-5.5.0-2.fc36
Security fix for CVE-2022-2476
weechat-3.6-2.el7
Brings EPEL 7 in line with other releases, addressing security issues fixed in recent versions
python3.6-3.6.15-13.fc37
Prevent denial of service (DoS) by very large integers.
python3.6-3.6.15-12.fc36
Prevent denial of service (DoS) by very large integers.
python3.6-3.6.15-6.fc35
Prevent denial of service (DoS) by very large integers.
Yesterday, a federal jury handed down a guilty verdict to Joe Sullivan, the former CSO on charges of “obstruction of the proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of a 2016 hack at Uber” according to a notice published by the Department of Justice (DOJ).
US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”
dbus-1.14.4-1.fc37
Update to 1.14.4
Fix CVE-2022-42010, CVE-2022-42011 and CVE-2022-42012
