Progressive Britain wants the party to borrow from US security strategy
Daily Archives: September 7, 2023
Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign
UK Government Backs Down on Anti-Encryption Stance
redis-7.0.13-1.fc37
FEDORA-2023-0e9e7544df
Packages in this update:
redis-7.0.13-1.fc37
Update description:
Redis 7.0.13 Released Wed 06 Sep 2023 15:00:00 IDT
Upgrade urgency SECURITY: See security fixes below.
Security Fixes
(CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration.
Bug Fixes
Cluster: fix a race condition where a slot migration may revert on a subsequent failover or node joining (#12344)
Ensure that the function load timeout is disabled during loading from RDB/AOF and on replicas. (#12451)
Fix the assertion when script timeout occurs after it signaled a blocked client (#12459)
redis-7.0.13-1.fc38
FEDORA-2023-03422cb8de
Packages in this update:
redis-7.0.13-1.fc38
Update description:
Redis 7.0.13 Released Wed 06 Sep 2023 15:00:00 IDT
Upgrade urgency SECURITY: See security fixes below.
Security Fixes
(CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration.
Bug Fixes
Cluster: fix a race condition where a slot migration may revert on a subsequent failover or node joining (#12344)
Ensure that the function load timeout is disabled during loading from RDB/AOF and on replicas. (#12451)
Fix the assertion when script timeout occurs after it signaled a blocked client (#12459)
ZDI-23-1323: D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to access various functionality on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability.
ZDI-23-1324: D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability.
ZDI-23-1325: D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability.
ZDI-23-1326: D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability.
ZDI-23-1327: D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability.