Read Time:8 Second
FEDORA-EPEL-2023-40edbf0dcb
Packages in this update:
libgit2-1.3.2-2.el9
Update description:
Update to 1.3.2 (CVE-2022-29187, CVE-2022-24765)
Daily Archives: January 20, 2023
libgit2-1.3.2-1.fc37
Read Time:8 Second
FEDORA-2023-470c7ea49e
Packages in this update:
libgit2-1.3.2-1.fc37
Update description:
Update to 1.3.2 (CVE-2022-29187, CVE-2022-24765)
libgit2-1.3.2-1.fc36
Read Time:8 Second
FEDORA-2023-1068309389
Packages in this update:
libgit2-1.3.2-1.fc36
Update description:
Update to 1.3.2 (CVE-2022-29187, CVE-2022-24765)
Wallarm touts API leak protection with new scanning feature
Read Time:38 Second
API security company Wallarm announced Frdiay that it had opened a preview period for its newest offering — an active scanning system that checks through public sources of compromised API data, alerts users, and provides automated responses if a compromise is detected.
The API Leak Protection feature, which will be deployed via Wallarm’s existing End-to-End API Security platform, takes advantage of that platform’s inventory of a given organization’s APIs. The system checks those APIs against compromised data found in known public sources of leaked API information — Pastebin, public repositories, and even dark web sources. It then revokes all access to requests made with compromised tokens, and blocks future requests from using them.
Friday Squid Blogging: Another Giant Squid Captured on Video
Read Time:27 Second
Here’s a new video of a giant squid, filmed in the Sea of Japan.
I believe it’s injured. It’s so close to the surface, and not really moving very much.
“We didn’t see the kinds of agile movements that many fish and marine creatures normally show,” he said. “Its tentacles and fins were moving very slowly.”
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
rubygem-git-1.13.0-1.el8
Read Time:6 Second
FEDORA-EPEL-2023-4bfde08e46
Packages in this update:
rubygem-git-1.13.0-1.el8
Update description:
CVE-2022-47318
rubygem-git-1.13.0-1.fc37
Read Time:6 Second
FEDORA-2023-e3985c2b3b
Packages in this update:
rubygem-git-1.13.0-1.fc37
Update description:
CVE-2022-47318
CVE-2020-22660
Read Time:38 Second
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to force bypass Secure Boot failed attempts and run temporarily the previous Backup image.
CVE-2020-22659
Read Time:38 Second
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature.
CVE-2020-22658
Read Time:38 Second
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to switch completely to unauthorized image to be Boot as primary verified image.