Read Time:7 Second
FEDORA-2023-bc61f7a145
Packages in this update:
mod_security-2.9.7-1.fc38
Update description:
new version 2.9.7
switch to PCRE2
Daily Archives: April 13, 2023
mod_security-2.9.7-1.fc36
Read Time:7 Second
FEDORA-2023-8aa264d5c5
Packages in this update:
mod_security-2.9.7-1.fc36
Update description:
new version 2.9.7
switch to PCRE2
mod_security-2.9.7-1.fc37
Read Time:7 Second
FEDORA-2023-09f0496e60
Packages in this update:
mod_security-2.9.7-1.fc37
Update description:
new version 2.9.7
switch to PCRE2
mingw-freeimage-3.19.0-0.14.svn1889.fc36
Read Time:8 Second
FEDORA-2023-2682ede2ed
Packages in this update:
mingw-freeimage-3.19.0-0.14.svn1889.fc36
Update description:
Backport proposed fix for CVE-2021-33367.
freeimage-3.19.0-0.16.svn1889.fc37 mingw-freeimage-3.19.0-0.14.svn1889.fc37
Read Time:10 Second
FEDORA-2023-748f1d5710
Packages in this update:
freeimage-3.19.0-0.16.svn1889.fc37
mingw-freeimage-3.19.0-0.14.svn1889.fc37
Update description:
Backport proposed fix for CVE-2021-33367.
freeimage-3.19.0-0.16.svn1889.fc38 mingw-freeimage-3.19.0-0.14.svn1889.fc38
Read Time:11 Second
FEDORA-2023-bace76409a
Packages in this update:
freeimage-3.19.0-0.16.svn1889.fc38
mingw-freeimage-3.19.0-0.14.svn1889.fc38
Update description:
Backport proposed fix for CVE-2021-33367.
Fix FTBFS.
Russian cyberspies hit NATO and EU organizations with new malware toolset
Read Time:28 Second
The Polish government warns that a cyberespionage group linked to Russia’s intelligence services is targeting diplomatic and foreign ministries from NATO and EU member states in an ongoing campaign that uses previously undocumented malware payloads. The group, known in the security industry as APT29, Cozy Bear, and NOBELIUM, is believed to be part of Russia’s Foreign Intelligence Service (SVR) and is the group behind the 2020 supply chain attack against software company SolarWinds that led to the compromise of thousands of organizations worldwide.
USN-6018-1: Apport vulnerability
Read Time:13 Second
Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation
vulnerability in apport-cli when viewing crash reports and unprivileged
users are allowed to run sudo less. A local attacker on a specially
configured system could use this to escalate their privilege.
USN-6019-1: Flask-CORS vulnerability
Read Time:8 Second
It was discovered that Flask-CORS did not properly escape paths before
evaluating resource rules. An attacker could possibly use this to
expose sensitive information.
suricata-6.0.11-1.fc38
Read Time:8 Second
FEDORA-2023-43ac51ee44
Packages in this update:
suricata-6.0.11-1.fc38
Update description:
Various security, performance, accuracy, and stability issues have been fixed.