In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
python3.10-3.10.8-2.fc37
Security fix for CVE-2022-42919
The leaked data includes personal data like names, addresses and phone numbers, among others
python3.10-3.10.8-2.fc38
Automatic update for python3.10-3.10.8-2.fc38.
* Wed Nov 9 2022 Lumír Balhar <lbalhar@redhat.com> – 3.10.8-2
– Fix CVE-2022-42919
Resolves: rhbz#2138709
python3.9-3.9.15-2.fc38
Automatic update for python3.9-3.9.15-2.fc38.
* Wed Nov 9 2022 Lumír Balhar <lbalhar@redhat.com> – 3.9.15-2
– Fix for CVE-2022-42919
Resolves: rhbz#2138711
The Center for Internet Security has released six new policy templates to help enterprises enact the Safeguards of Implementation Group 1 (IG1).
sysstat-12.6.0-4.fc37
Security fix for CVE-2022-39377 – arithmetic overflow in allocate_structures() on 32 bit systems
sysstat-12.5.6-2.fc36
Security fix for CVE-2022-39377 – arithmetic overflow in allocate_structures() on 32 bit systems
CISA is now pushing phishing-resistant multifactor authentication.
Roger Grimes has an excellent post reminding everyone that “phishing-resistant” is not “phishing proof,” and that everyone needs to stop pretending otherwise. His list of different attacks is particularly useful.
sysstat-12.5.6-2.fc35
Security fix for CVE-2022-39377 – arithmetic overflow in allocate_structures() on 32 bit systems
