FEDORA-2023-cb5df36beb
Packages in this update:
sudo-1.9.13-1.p2.fc36
Update description:
Security fix for CVE-2023-27320
sudo-1.9.13-1.p2.fc36
Security fix for CVE-2023-27320
sudo-1.9.13-1.p2.fc37
Security fix for CVE-2023-27320
sudo-1.9.13-1.p2.fc38
Security fix for CVE-2023-27320
Employee data was accessed by the threat actors, including names, addresses, and more
It was discovered that c-ares incorrectly handled certain sortlist strings.
A remote attacker could use this issue to cause c-ares to crash, resulting
in a denial of service, or possibly execute arbitrary code.
Jacob Champion discovered that the PostgreSQL client incorrectly handled
Kerberos authentication. If a user or automated system were tricked into
connecting to a malicious server, a remote attacker could possibly use this
issue to obtain sensitive information.
It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-31628)
It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to compromise data integrity.
(CVE-2022-31629)
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2022-31631)
It was discovered that PHP incorrectly handled resolving long paths. A
remote attacker could possibly use this issue to obtain or modify sensitive
information. (CVE-2023-0568)
It was discovered that PHP incorrectly handled a large number of field and file
parts in HTTP form uploads. A remote attacker could possibly use this issue to
cause PHP to consume resources, leading to a denial of service. (CVE-2023-0662)
dcmtk-3.6.7-3.fc36
Security fix for CVE-2022-43272
Troy Hunt is collecting examples of dumb password rules.
There are some pretty bad disasters out there.
My worst experiences are with sites that have artificial complexity requirements that cause my personal password-generation systems to fail. Some of the systems on the list are even worse: when they fail they don’t tell you why, so you just have to guess until you get it right.
Intune Suite will streamline endpoint management with added features for controlled and secure access.