FEDORA-2023-43cb13aefb
Packages in this update:
vim-9.0.1407-1.fc38
Update description:
Security fixes for CVE-2023-1175, CVE-2023-1170, CVE-2023-1264.
vim-9.0.1407-1.fc38
Security fixes for CVE-2023-1175, CVE-2023-1170, CVE-2023-1264.
The operation seized four servers, 7TB of data and 1909.4 Bitcoins (roughly $47.3m)
The Chancellor of the Duchy of Lancaster, Oliver Dowden, confirmed the plans earlier today
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in WPMU DEV Forminator – Contact Form, Payment Form & Custom Form Builder plugin <= 1.14.11 versions.
An issue found in UwAmp v.1.1, 1.2, 1.3, 2.0, 2.1, 2.2, 2.2.1, 3.0.0, 3.0.1, 3.0.2 allows a remote attacker to execute arbitrary code via a crafted DLL.
An issue found in DepositGame v.1.0 allows an attacker to gain sensitive information via the GetBonusWithdraw and withdraw functions.
Cross Site Scripting vulnerability found in Markdown Edit allows a remote attacker to execute arbitrary code via the edit parameter of the webpage.
Yebo Cao discovered that Python incorrectly handled certain URLs.
An attacker could possibly use this issue to bypass blocklisting
methods by supplying a URL that starts with blank characters.
It was discovered that abcm2ps incorrectly
handled memory when parsing specially crafted ABC files.
An attacker could use this issue to cause abcm2ps to crash,
leading to a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 16.04 ESM
and Ubuntu 18.04 LTS.
(CVE-2018-10753, CVE-2018-10771, CVE-2019-1010069)
Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly
handled memory when parsing specially crafted ABC files.
An attacker could use this issue to cause abcm2ps to crash,
leading to a denial of service.
(CVE-2021-32434, CVE-2021-32435, CVE-2021-32436)
Social media app TikTok has been banned on UK government electronic devices, the Cabinet Office has announced. The ban, announced by the chancellor of the Duchy of Lancaster, Oliver Dowden, comes in the wake of a security review into the risks posed to government data by social media apps on devices along with the potential for sensitive information to be accessed and used by some platforms. The move follows other Western countries who have barred the Chinese-owned video app over security concerns and increasing fear that user data from the app (owned by Beijing-based company ByteDance) could end up in the hands of the Chinese government.