Read Time:6 Second
FEDORA-2023-2cf272ad72
Packages in this update:
stellarium-1.2-9.fc37
Update description:
Patches for CVE-2023-28371
Yearly Archives: 2023
stellarium-1.2-9.fc38
Read Time:6 Second
FEDORA-2023-57f5e7c000
Packages in this update:
stellarium-1.2-9.fc38
Update description:
Patches for CVE-2023-28371
stellarium-1.2-9.fc36
Read Time:6 Second
FEDORA-2023-b7e90bc682
Packages in this update:
stellarium-1.2-9.fc36
Update description:
Patches for CVE-2023-28371
ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises
Read Time:35 Second
ForegeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations.
ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications.
“While ForgeRock already offers passwordless authentication for mobile and web applications, the new Enterprise Connect Passwordless authentication extends passwordless capabilities to common enterprise infrastructure like workstations, databases, servers, and VPNs,” said Peter Barker, ForgeRock’s chief product officer.
ForgeRock, Double Secret Octopus offer passwordless authentication for enterprises
Read Time:35 Second
ForegeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations.
ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications.
“While ForgeRock already offers passwordless authentication for mobile and web applications, the new Enterprise Connect Passwordless authentication extends passwordless capabilities to common enterprise infrastructure like workstations, databases, servers, and VPNs,” said Peter Barker, Forgerock’s chief product officer.
Mispadu Trojan Steals 90,000+ Banking Credentials From Latin American Victims
Read Time:5 Second
These included a number of government websites: 105 in Chile, 431 in Mexico and 265 in Peru
USN-5904-2: SoX regression
Read Time:45 Second
USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for
CVE-2021-33844 was incomplete. This update fixes the problem.
Original advisory details:
Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,
and Ubuntu 18.04 LTS. (CVE-2019-13590)
Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2021-23159, CVE-2021-23172, CVE-2021-23210,
CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, and
CVE-2022-31651)
USN-5806-3: Ruby vulnerability
Read Time:18 Second
USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem
for Ubuntu 20.04 LTS.
Original advisory details:
Hiroshi Tokumaru discovered that Ruby did not properly handle certain
user input for applications which generate HTTP responses using cgi gem.
An attacker could possibly use this issue to maliciously modify the
response a user would receive from a vulnerable application.
KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps
BreachForums Admin Arrested in New York
Read Time:4 Second
Conor Brian Fitzpatrick of Peekskill was apprehended last Wednesday following an FBI investigation