Read Time:7 Second
FEDORA-2023-cb5df36beb
Packages in this update:
sudo-1.9.13-1.p2.fc36
Update description:
Security fix for CVE-2023-27320
Yearly Archives: 2023
sudo-1.9.13-1.p2.fc37
Read Time:7 Second
FEDORA-2023-d2d6ec2a32
Packages in this update:
sudo-1.9.13-1.p2.fc37
Update description:
Security fix for CVE-2023-27320
sudo-1.9.13-1.p2.fc38
Read Time:7 Second
FEDORA-2023-11c9d868ca
Packages in this update:
sudo-1.9.13-1.p2.fc38
Update description:
Security fix for CVE-2023-27320
WH Smith Discloses Cyber-Attack, Company Data Theft
Read Time:4 Second
Employee data was accessed by the threat actors, including names, addresses, and more
USN-5907-1: c-ares vulnerability
Read Time:11 Second
It was discovered that c-ares incorrectly handled certain sortlist strings.
A remote attacker could use this issue to cause c-ares to crash, resulting
in a denial of service, or possibly execute arbitrary code.
USN-5906-1: PostgreSQL vulnerability
Read Time:11 Second
Jacob Champion discovered that the PostgreSQL client incorrectly handled
Kerberos authentication. If a user or automated system were tricked into
connecting to a malicious server, a remote attacker could possibly use this
issue to obtain sensitive information.
USN-5905-1: PHP vulnerabilities
Read Time:44 Second
It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-31628)
It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to compromise data integrity.
(CVE-2022-31629)
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2022-31631)
It was discovered that PHP incorrectly handled resolving long paths. A
remote attacker could possibly use this issue to obtain or modify sensitive
information. (CVE-2023-0568)
It was discovered that PHP incorrectly handled a large number of field and file
parts in HTTP form uploads. A remote attacker could possibly use this issue to
cause PHP to consume resources, leading to a denial of service. (CVE-2023-0662)
dcmtk-3.6.7-3.fc36
Read Time:6 Second
FEDORA-2023-eda976b192
Packages in this update:
dcmtk-3.6.7-3.fc36
Update description:
Security fix for CVE-2022-43272
Dumb Password Rules
Read Time:20 Second
Troy Hunt is collecting examples of dumb password rules.
There are some pretty bad disasters out there.
My worst experiences are with sites that have artificial complexity requirements that cause my personal password-generation systems to fail. Some of the systems on the list are even worse: when they fail they don’t tell you why, so you just have to guess until you get it right.
Microsoft Intune Suite consolidates endpoint management and protection
Read Time:4 Second
Intune Suite will streamline endpoint management with added features for controlled and secure access.