Read Time:1 Second
Post Content
Daily Archives: January 16, 2024
Phemedrone Stealer Targets Windows Defender Flaw Despite Patch
Read Time:5 Second
The malware targets browsers, steals crypto wallet and messaging app data, and collects system information
USN-6559-1: ZooKeeper vulnerabilities
Read Time:28 Second
It was discovered that ZooKeeper incorrectly handled authorization for
the getACL() command. A remote attacker could possibly use this issue to
obtain sensitive information. This issue only affected Ubuntu 14.04
LTS and Ubuntu 16.04 LTS. (CVE-2019-0201)
Damien Diederen discovered that ZooKeeper incorrectly handled
authorization if SASL Quorum Peer authentication is enabled. An
attacker could possibly use this issue to bypass ZooKeeper’s
authorization system. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04
and Ubuntu 23.10. (CVE-2023-44981)
New Tool Identifies Pegasus and Other iOS Spyware
Read Time:4 Second
Kaspersky experts developed the tool after analyzing Shutdown.log, a file retaining reboot information
USN-6587-1: X.Org X Server vulnerabilities
Read Time:1 Minute, 14 Second
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An
attacker could possibly use this issue to cause the X Server to crash,
obtain sensitive information, or execute arbitrary code. (CVE-2023-6816)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
reattaching to a different master device. An attacker could use this issue
to cause the X Server to crash, leading to a denial of service, or possibly
execute arbitrary code. (CVE-2024-0229)
Olivier Fourdan and Donn Seeley discovered that the X.Org X Server
incorrectly labeled GLX PBuffers when used with SELinux. An attacker could
use this issue to cause the X Server to crash, leading to a denial of
service. (CVE-2024-0408)
Olivier Fourdan discovered that the X.Org X Server incorrectly handled
the curser code when used with SELinux. An attacker could use this issue to
cause the X Server to crash, leading to a denial of service.
(CVE-2024-0409)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the XISendDeviceHierarchyEvent API. An attacker
could possibly use this issue to cause the X Server to crash, or execute
arbitrary code. (CVE-2024-21885)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
devices being disabled. An attacker could possibly use this issue to cause
the X Server to crash, or execute arbitrary code. (CVE-2024-21886)
dotnet7.0-7.0.115-1.fc39
Read Time:14 Second
FEDORA-2024-b09647af24
Packages in this update:
dotnet7.0-7.0.115-1.fc39
Update description:
This is the January 2024 update for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.15/7.0.15.md
dotnet7.0-7.0.115-1.fc38
Read Time:14 Second
FEDORA-2024-248d2135eb
Packages in this update:
dotnet7.0-7.0.115-1.fc38
Update description:
This is the January 2024 update for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.15/7.0.15.md
tigervnc-1.13.1-11.fc39 xorg-x11-server-1.20.14-29.fc39
Read Time:14 Second
FEDORA-2024-5762d637dd
Packages in this update:
tigervnc-1.13.1-11.fc39
xorg-x11-server-1.20.14-29.fc39
Update description:
CVE fix for: CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408 and CVE-2024-0409
python-templated-dictionary-1.4-1.fc38
Read Time:6 Second
FEDORA-2024-4bd03c989b
Packages in this update:
python-templated-dictionary-1.4-1.fc38
Update description:
Fixing CVE-2023-6395
python-templated-dictionary-1.4-1.el7
Read Time:6 Second
FEDORA-EPEL-2024-fbdcbc3c7a
Packages in this update:
python-templated-dictionary-1.4-1.el7
Update description:
Fixing CVE-2023-6395