FEDORA-2023-0806784f24
Packages in this update:
python-urllib3-1.26.17-1.fc37
Update description:
Update to 1.26.17: fix CVE-2023-43804 (GHSA-v845-jxx5-vc9f)
python-urllib3-1.26.17-1.fc37
Update to 1.26.17: fix CVE-2023-43804 (GHSA-v845-jxx5-vc9f)
python-urllib3-1.26.17-1.fc38
Update to 1.26.17: fix CVE-2023-43804 (GHSA-v845-jxx5-vc9f)
python-urllib3-1.26.17-1.fc39
Update to 1.26.17: fix CVE-2023-43804 (GHSA-v845-jxx5-vc9f)
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
ulauncher-5.15.4-1.fc38
сhore: Update to 5.15.4
ulauncher-5.15.4-1.fc39
сhore: Update to 5.15.4
ulauncher-5.15.4-1.fc37
сhore: Update to 5.15.4
It was discovered that libvpx did not properly handle certain malformed
media files. If an application using libvpx opened a specially crafted
file, a remote attacker could cause a denial of service, or possibly
execute arbitrary code.
The NSA is starting a new artificial intelligence security center:
The AI security center’s establishment follows an NSA study that identified securing AI models from theft and sabotage as a major national security challenge, especially as generative AI technologies emerge with immense transformative potential for both good and evil.
Nakasone said it would become “NSA’s focal point for leveraging foreign intelligence insights, contributing to the development of best practices guidelines, principles, evaluation, methodology and risk frameworks” for both AI security and the goal of promoting the secure development and adoption of AI within “our national security systems and our defense industrial base.”
He said it would work closely with U.S. industry, national labs, academia and the Department of Defense as well as international partners.
Hackers are deploying different ransomware variants, including AvosLocker and Hive, among others