Read Time:7 Second
FEDORA-2024-32ce2217e7
Packages in this update:
ImageMagick-7.1.1.26-1.fc39
Update description:
Update to 7.1.1.26 (#2239345)
Daily Archives: January 15, 2024
Critical flaw found in WordPress plugin used on over 300,000 websites
Read Time:15 Second
A WordPress plugin used on over 300,000 websites has been found to contain vulnerabilities that could allow hackers to seize control.
Security researchers at Wordfence found two critical flaws in the POST SMTP Mailer plugin.
Read more in my article on the Tripwire State of Security blog.
USN-6583-1: MySQL vulnerabilities
Read Time:25 Second
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.7.44 in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-44.html
https://www.oracle.com/security-alerts/cpuoct2023.html
mongo-c-driver-1.24.3-2.el9
Read Time:10 Second
FEDORA-EPEL-2024-b707739993
Packages in this update:
mongo-c-driver-1.24.3-2.el9
Update description:
fix: bson_utf8_validate on some inputs leads to an infinite loop CVE-2023-0437
mongo-c-driver-1.24.3-2.el8
Read Time:10 Second
FEDORA-EPEL-2024-3f8d0039e7
Packages in this update:
mongo-c-driver-1.24.3-2.el8
Update description:
fix: bson_utf8_validate on some inputs leads to an infinite loop CVE-2023-0437
mongo-c-driver-1.24.3-2.fc38
Read Time:10 Second
FEDORA-2024-fb4958e901
Packages in this update:
mongo-c-driver-1.24.3-2.fc38
Update description:
fix: bson_utf8_validate on some inputs leads to an infinite loop CVE-2023-0437
USN-6582-1: WebKitGTK vulnerability
Read Time:15 Second
Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
Environmental Websites Hit by DDoS Surge in COP28 Crossfire
Read Time:5 Second
Content delivery provider Cloudflare observed a staggering surge in DDoS attacks against environmental services during COP28
Voice Cloning with Very Short Samples
Read Time:6 Second
New research demonstrates voice cloning, in multiple languages, using samples ranging from one to twelve seconds.
Research paper.
ncurses-6.4-7.20230520.fc38
Read Time:9 Second
FEDORA-2024-96090dafaf
Packages in this update:
ncurses-6.4-7.20230520.fc38
Update description:
Update to newer ncurses version, which fixes CVE-2023-29491 and CVE-2023-50495.