FEDORA-2023-2cf272ad72
Packages in this update:
stellarium-1.2-9.fc37
Update description:
Patches for CVE-2023-28371
stellarium-1.2-9.fc37
Patches for CVE-2023-28371
stellarium-1.2-9.fc38
Patches for CVE-2023-28371
stellarium-1.2-9.fc36
Patches for CVE-2023-28371
ForegeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations.
ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications.
“While ForgeRock already offers passwordless authentication for mobile and web applications, the new Enterprise Connect Passwordless authentication extends passwordless capabilities to common enterprise infrastructure like workstations, databases, servers, and VPNs,” said Peter Barker, ForgeRock’s chief product officer.
ForegeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations.
ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications.
“While ForgeRock already offers passwordless authentication for mobile and web applications, the new Enterprise Connect Passwordless authentication extends passwordless capabilities to common enterprise infrastructure like workstations, databases, servers, and VPNs,” said Peter Barker, Forgerock’s chief product officer.
These included a number of government websites: 105 in Chile, 431 in Mexico and 265 in Peru
USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for
CVE-2021-33844 was incomplete. This update fixes the problem.
Original advisory details:
Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,
and Ubuntu 18.04 LTS. (CVE-2019-13590)
Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2021-23159, CVE-2021-23172, CVE-2021-23210,
CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, and
CVE-2022-31651)
USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem
for Ubuntu 20.04 LTS.
Original advisory details:
Hiroshi Tokumaru discovered that Ruby did not properly handle certain
user input for applications which generate HTTP responses using cgi gem.
An attacker could possibly use this issue to maliciously modify the
response a user would receive from a vulnerable application.
Conor Brian Fitzpatrick of Peekskill was apprehended last Wednesday following an FBI investigation