Read Time:8 Second
It was discovered that GNU binutils incorrectly handled certain COFF files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code.
Monthly Archives: December 2022
USN-5761-1: ca-certificates update
Read Time:9 Second
Due to security concerns, the TrustCor certificate authority has been
marked as distrusted in Mozilla’s root store. This update removes the
TrustCor CA certificates from the ca-certificates package.
Manufacturers Struggle to Manage Cyber-Threats from New Tech Deployments
Read Time:6 Second
42% of UK manufacturers have been a victim of cybercrime in the past 12 months, according to new research
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:29 Second
A Vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
USN-5760-2: libxml2 vulnerabilities
Read Time:24 Second
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
CAPTCHA
Read Time:41 Second
This is an actual CAPTCHA I was shown when trying to log into PayPal.
As an actual human and not a bot, I had no idea how to answer. Is this a joke? (Seems not.) Is it a Magritte-like existential question? (It’s not a bicycle. It’s a drawing of a bicycle. Actually, it’s a photograph of a drawing of a bicycle. No, it’s really a computer image of a photograph of a drawing of a bicycle.) Am I overthinking this? (Definitely.) I stared at the screen, paralyzed, for way too long.
It’s probably the best CAPTCHA I have ever encountered; a computer would have just answered.
(In the end, I I treated the drawing as a real bicycle and selected the appropriate squares…and it seemed to like that.)
vim-9.0.1006-1.fc36
Read Time:10 Second
FEDORA-2022-fc4c513d06
Packages in this update:
vim-9.0.1006-1.fc36
Update description:
The newest upstream commit
Security fix for CVE-2022-4141
Vim did not recognize key codes passed by Kitty
vim-9.0.1006-1.fc37
Read Time:10 Second
FEDORA-2022-1e14f3ae45
Packages in this update:
vim-9.0.1006-1.fc37
Update description:
The newest upstream commit
Security fix for CVE-2022-4141
Vim did not recognize key codes passed by Kitty
USN-5760-1: libxml2 vulnerabilities
Read Time:23 Second
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2022-2309)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)