FEDORA-2023-b52438b698
Packages in this update:
dotnet7.0-7.0.112-1.fc39
Update description:
This the October 2023 monthly update for .NET 7
Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.12/7.0.12.md
dotnet7.0-7.0.112-1.fc39
This the October 2023 monthly update for .NET 7
Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.12/7.0.12.md
USN-6431-1 fixed a vulnerability in iperf3. This update provides
the corresponding update for Ubuntu 22.04 LTS and Ubuntu 23.04.
Original advisory details:
It was discovered that iperf3 did not properly manage certain inputs,
which could lead to a crash. A remote attacker could possibly use this
issue to cause a denial of service. (CVE-2023-38403)
Hacktivists claim DDoS attacks against Israeli websites as cybersecurity experts urge caution in believing these cyber-criminals’ claims
The Government of Israel has told the owners of private home security cameras to urgently secure them against being hacked, in the wake of a dramatic heightening of the conflict between Israel and Hamas.
Reports emerged over the weekend regarding a zero-day exploit in the messaging app
Over the weekend rumours circulated on social networks of an unpatched security hole in the Signal messaging app that could allow a remote hacker to seize control of your smartphone.
But were they true?
Read more in my article on the Hot for Security blog.
It was discovered that iperf3 did not properly manage certain inputs,
which could lead to a crash. A remote attacker could possibly use this
issue to cause a denial of service. (CVE-2023-38403)
Jorge Sancho Larraz discovered that iperf3 did not properly manage certain
inputs, which could cause the server process to stop responding, waiting
for input on the control connection. A remote attacker could possibly use
this issue to cause a denial of service. (LP: #2038654)
The US government highlighted the operations of the NoEscape group, which is believed to be a rebrand of Russian threat actor Avaddon
roundcubemail-1.5.5-1.el9
Version 1.5.5
Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168)
roundcubemail-1.6.4-1.fc38
Version 1.6.4
Fix PHP8 warnings (#9142, #9160)
Fix default ‘mime.types’ path on Windows (#9113)
Managesieve: Fix javascript error when relational or spamtest extension is not enabled (#9139)
Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168)