Indictments claim Russian was involved in Babuk, Hive and LockBit
Daily Archives: May 17, 2023
USN-6082-1: EventSource vulnerability
It was discovered that EventSource incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to obtain
sensitive information.
Security breaches push digital trust to the fore
As digital transactions with customers, employees, suppliers, and other stakeholders grow, digital trustworthiness is set to become one of the most important enterprise-wide initiatives with the biggest potential impact (both negative and positive), even though it often has the smallest budget allocation.
“Organizations are focusing on security and privacy, but if your customers don’t trust you, they will go elsewhere,” says Mark Thomas, president of Escoute Consulting, which specializes in compliance. This view is borne out in a 2022 DigiCert digital trust survey that found 84% of customers would consider switching if they lost trust in a company.
NSO Group Spends Millions Lobbying US Government
dropbear-2020.80-7.el9
FEDORA-EPEL-2023-734a94ae05
Packages in this update:
dropbear-2020.80-7.el9
Update description:
This update is a backport of the upstream fix for CVE-2021-36369.
dropbear-2019.78-5.el8
FEDORA-EPEL-2023-78e9d2e031
Packages in this update:
dropbear-2019.78-5.el8
Update description:
This update is a backport of the upstream fix for CVE-2021-36369.
dropbear-2017.75-3.el7
FEDORA-EPEL-2023-00ddf3658a
Packages in this update:
dropbear-2017.75-3.el7
Update description:
This update is a backport of the upstream fix for CVE-2021-36369.
wordpress-5.1.16-1.el7
FEDORA-EPEL-2023-cd6dc8dccf
Packages in this update:
wordpress-5.1.16-1.el7
Update description:
WordPress 5.1.16 Security Release
Includes security fixes from 6.2.1
wordpress-6.2.1-1.fc37
FEDORA-2023-db50dafcaa
Packages in this update:
wordpress-6.2.1-1.fc37
Update description:
WordPress 6.2.1 Maintenance & Security Release
Security updates included in this release
Block themes parsing shortcodes in user generated data; thanks to Liam Gladdy of WP Engine for reporting this issue
A CSRF issue updating attachment thumbnails; reported by John Blackbourn of the WordPress security team
A flaw allowing XSS via open embed auto discovery; reported independently by Jakub Żoczek of Securitum and during a third party security audit
Bypassing of KSES sanitization in block attributes for low privileged users; discovered during a third party security audit.
A path traversal issue via translation files; reported independently by Ramuel Gall and during a third party security audit.
wordpress-6.2.1-1.el9
FEDORA-EPEL-2023-b725f0f13a
Packages in this update:
wordpress-6.2.1-1.el9
Update description:
WordPress 6.2.1 Maintenance & Security Release
Security updates included in this release
Block themes parsing shortcodes in user generated data; thanks to Liam Gladdy of WP Engine for reporting this issue
A CSRF issue updating attachment thumbnails; reported by John Blackbourn of the WordPress security team
A flaw allowing XSS via open embed auto discovery; reported independently by Jakub Żoczek of Securitum and during a third party security audit
Bypassing of KSES sanitization in block attributes for low privileged users; discovered during a third party security audit.
A path traversal issue via translation files; reported independently by Ramuel Gall and during a third party security audit.