Read Time:3 Second
Kremlin set to intensify attacks on critical infrastructure
Yearly Archives: 2022
python-dnslib-0.9.21-1.el8
Read Time:8 Second
FEDORA-EPEL-2022-6319bfdcaa
Packages in this update:
python-dnslib-0.9.21-1.el8
Update description:
Update to latest upstream release 0.9.21
python-dnslib-0.9.21-1.fc38
Read Time:19 Second
FEDORA-2022-96c31cc8f6
Packages in this update:
python-dnslib-0.9.21-1.fc38
Update description:
Automatic update for python-dnslib-0.9.21-1.fc38.
Changelog
* Tue Sep 27 2022 Fabian Affolter <mail@fabian-affolter.ch> – 0.9.21-1
– Update to latest upstream release 0.9.21
– Fix for CVE-2022-22846 (closes rhbz#2042610, closes rhbz#2042611)
DSA-5238 thunderbird – security update
Read Time:6 Second
Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
DSA-5239 gdal – security update
Read Time:12 Second
A heap-based buffer overflow vulnerability was discovered in gdal, a
Geospatial Data Abstraction Library, which could result in denial of
service or potentially the execution of arbitrary code, if a specially
crafted file is processed with the PCIDSK driver.
Cybersecurity at Scale: Piercing the Fog of More
Read Time:6 Second
To pierce the Fog of More, organizations must implement essential cyber hygiene and track their implementation of security best practices.
Zoho ManageEngine flaw is actively exploited, CISA warns
Read Time:48 Second
A remote code execution vulnerability in Zoho’s ManageEngine, a popular IT management solution for enterprises, is being exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) added the flaw to its catalog of known exploited vulnerabilities last week, highlighting an immediate threat for organizations that haven’t yet patched their vulnerable deployments.
The vulnerability, tracked as CVE-2022-3540, was privately reported to Zoho in June by a security researcher identified as Vinicius and was fixed later that same month. The researcher posted a more detailed writeup at the beginning of this month and, according to him, it’s a Java deserialization flaw inherited from an outdated version of Apache OFBiz, an open-source enterprise resource planning system, where it was patched in 2020 (CVE-2020-9496). This means that the Zoho ManageEngine products were vulnerable for two years due a failure to update a third-party component.
scala-2.13.9-1.fc36
Read Time:12 Second
FEDORA-2022-34acf878fb
Packages in this update:
scala-2.13.9-1.fc36
Update description:
Security fix for CVE-2022-36944.
See https://github.com/scala/scala/releases/tag/v2.13.9 for other changes in scala 2.13.9.
scala-2.13.9-1.fc35
Read Time:12 Second
FEDORA-2022-07dd9375b2
Packages in this update:
scala-2.13.9-1.fc35
Update description:
Security fix for CVE-2022-36944.
See https://github.com/scala/scala/releases/tag/v2.13.9 for other changes in scala 2.13.9.
Fitbit Increases Security Requirements, Mandates Google Login From 2023
Read Time:6 Second
Users will have the option to log in using their Fitbit account for as long as it is supported