FEDORA-2023-260668b8b9
Packages in this update:
xen-4.16.4-3.fc37
Update description:
bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
xen-4.16.4-3.fc37
bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
xen-4.17.1-8.fc38
bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
x86/AMD: Zenbleed [XSA-433]
omit OCaml 5 patch on fc38
firefox-stable-3820230731114404.1
Update to 116.0
Update to 115.0.2
Cleafy said the malware exploits Accessibility services to conduct multiple malicious activities
USN-6242-1 fixed a vulnerability in OpenSSH. This update provides
the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS,
and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that OpenSSH incorrectly handled loading certain PKCS#11
providers. If a user forwarded their ssh-agent to an untrusted system, a
remote attacker could possibly use this issue to load arbitrary libraries
from the user’s system and execute arbitrary code.
The attackers established a channel for data exfiltration, including from air-gapped systems
The White House says that filling cyber job vacancies is a national security imperative
Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post.
llhttp-8.1.1-1.fc38
python-aiohttp-3.8.5-1.fc38
Update llhttp to 8.1.1 and python-aiohttp to 3.8.5. Fixes CVE-2023-30589.
The initiative is designed to transform how cybersecurity is addressed in capability programs across the MoD