Read Time:4 Second
This extensive operation is directed at Tibetan, Uyghur and Taiwanese individuals and organizations
Yearly Archives: 2023
Voting Equipment Giants Team Up For Security
Read Time:4 Second
The move aims to combat the rampant spread of misinformation among American voters
bind-9.18.19-1.fc40 bind-dyndb-ldap-11.10-21.fc40
Read Time:31 Second
FEDORA-2023-687525fcca
Packages in this update:
bind-9.18.19-1.fc40
bind-dyndb-ldap-11.10-21.fc40
Update description:
BIND 9.18.19
Security Fixes
Previously, sending a specially crafted message over the control channel could cause the packet-parsing code to run out of available stack memory, causing named to terminate unexpectedly. This has been fixed. (CVE-2023-3341)
A flaw in the networking code handling DNS-over-TLS queries could cause named to terminate unexpectedly due to an assertion failure under significant DNS-over-TLS query load. This has been fixed. (CVE-2023-4236)
Upstream release notes
bind-9.18.19-1.fc37 bind-dyndb-ldap-11.10-17.fc37
Read Time:31 Second
FEDORA-2023-87502c4a93
Packages in this update:
bind-9.18.19-1.fc37
bind-dyndb-ldap-11.10-17.fc37
Update description:
BIND 9.18.19
Security Fixes
Previously, sending a specially crafted message over the control channel could cause the packet-parsing code to run out of available stack memory, causing named to terminate unexpectedly. This has been fixed. (CVE-2023-3341)
A flaw in the networking code handling DNS-over-TLS queries could cause named to terminate unexpectedly due to an assertion failure under significant DNS-over-TLS query load. This has been fixed. (CVE-2023-4236)
Upstream release notes
bind-9.18.19-1.fc38 bind-dyndb-ldap-11.10-21.fc38
Read Time:31 Second
FEDORA-2023-a2621f58a9
Packages in this update:
bind-9.18.19-1.fc38
bind-dyndb-ldap-11.10-21.fc38
Update description:
BIND 9.18.19
Security Fixes
Previously, sending a specially crafted message over the control channel could cause the packet-parsing code to run out of available stack memory, causing named to terminate unexpectedly. This has been fixed. (CVE-2023-3341)
A flaw in the networking code handling DNS-over-TLS queries could cause named to terminate unexpectedly due to an assertion failure under significant DNS-over-TLS query load. This has been fixed. (CVE-2023-4236)
Upstream release notes
“The good and the bad that comes with the growth of AI” – watch this series of webinars with Abnormal, OpenAI, and others
Read Time:24 Second
Graham Cluley Security News is sponsored this week by the folks at Abnormal. Thanks to the great team there for their support! AI and cybersecurity are colliding now more than ever. The positive power of AI is apparent with increased efficiency, cost savings, and more. Unfortunately, the same is true when those benefits get into … Continue reading ““The good and the bad that comes with the growth of AI” – watch this series of webinars with Abnormal, OpenAI, and others”
iOS 17 update secretly changed your privacy settings; here’s how to set them back
Read Time:12 Second
Many iPhone users who upgraded their iPhones to the recently-released iOS 17 will be alarmed to hear that they may have actually downgraded their security and privacy.
Read more in my article on the Hot for Security blog.
Web3 Platform Mixin Network Hit by $200m Crypto Hack
Read Time:7 Second
The decentralized finance network has suspended deposits and withdrawals after what could be one of the biggest cyber-attacks on cryptocurrency projects
CVE-2022-48605 (emui, harmonyos)
Read Time:6 Second
Input verification vulnerability in the fingerprint module. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.
USN-6365-2: Open VM Tools vulnerability
Read Time:18 Second
USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that Open VM Tools incorrectly handled SAML tokens. A
remote attacker could possibly use this issue to bypass SAML token
signature verification and perform VMware Tools Guest Operations.