Read Time:10 Second
FEDORA-2023-260668b8b9
Packages in this update:
xen-4.16.4-3.fc37
Update description:
bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
Monthly Archives: July 2023
xen-4.17.1-8.fc38
Read Time:11 Second
FEDORA-2023-38f0879ef3
Packages in this update:
xen-4.17.1-8.fc38
Update description:
bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]
x86/AMD: Zenbleed [XSA-433]
omit OCaml 5 patch on fc38
firefox-stable-3820230731114404.1
Read Time:7 Second
FEDORA-FLATPAK-2023-52aaedce93
Packages in this update:
firefox-stable-3820230731114404.1
Update description:
Update to 116.0
Update to 115.0.2
SpyNote Android Spyware Strikes Financial Institutions
Read Time:4 Second
Cleafy said the malware exploits Accessibility services to conduct multiple malicious activities
USN-6242-2: OpenSSH vulnerability
Read Time:22 Second
USN-6242-1 fixed a vulnerability in OpenSSH. This update provides
the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS,
and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that OpenSSH incorrectly handled loading certain PKCS#11
providers. If a user forwarded their ssh-agent to an untrusted system, a
remote attacker could possibly use this issue to load arbitrary libraries
from the user’s system and execute arbitrary code.
APT31 Implants Target Industrial Organizations
Read Time:4 Second
The attackers established a channel for data exfiltration, including from air-gapped systems
Biden Announces National Cyber Workforce and Education Strategy
Read Time:4 Second
The White House says that filling cyber job vacancies is a national security imperative
CVE-2020-36763
Read Time:9 Second
Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post.
llhttp-8.1.1-1.fc38 python-aiohttp-3.8.5-1.fc38
Read Time:12 Second
FEDORA-2023-f75af676f2
Packages in this update:
llhttp-8.1.1-1.fc38
python-aiohttp-3.8.5-1.fc38
Update description:
Update llhttp to 8.1.1 and python-aiohttp to 3.8.5. Fixes CVE-2023-30589.
UK Military Embraces Security by Design
Read Time:5 Second
The initiative is designed to transform how cybersecurity is addressed in capability programs across the MoD