Read Time:9 Second
FEDORA-2024-2705241461
Packages in this update:
golang-x-crypto-0.18.0-1.fc38
Update description:
Update golang-x-crypto to v0.18.0, fix for CVE-2023-48795
Monthly Archives: January 2024
golang-x-crypto-0.18.0-1.fc39
Read Time:9 Second
FEDORA-2024-7b08207cdb
Packages in this update:
golang-x-crypto-0.18.0-1.fc39
Update description:
Update golang-x-crypto to v0.18.0, fix for CVE-2023-48795
zbar-0.23.93-1.fc38
Read Time:7 Second
FEDORA-2024-583e4098b9
Packages in this update:
zbar-0.23.93-1.fc38
Update description:
0.23.93, fixes for two CVEs
zbar-0.23.93-1.fc39
Read Time:7 Second
FEDORA-2024-73d5220ed3
Packages in this update:
zbar-0.23.93-1.fc39
Update description:
0.23.93, fixes for two CVEs
82% of Companies Struggle to Manage Security Exposure
Read Time:6 Second
The figure comes from XM Cyber’s 2024 State of Security Posture Report, exploring how organizations approach cybersecurity challenges
golang-x-crypto-0.18.0-1.fc40
Read Time:21 Second
FEDORA-2024-0d8d3b8dcc
Packages in this update:
golang-x-crypto-0.18.0-1.fc40
Update description:
Automatic update for golang-x-crypto-0.18.0-1.fc40.
Changelog
* Tue Jan 9 2024 Mark E. Fuller <mark.e.fuller@gmx.de> – 0.18.0-1
– update to v0.18.0, close rhbz#2255095 – CVE-2023-48795 golang-x-crypto:
ssh: Prefix truncation attack on Binary Packet Protocol
USN-6571-1: Monit vulnerability
Read Time:10 Second
Youssef Rebahi-Gilbert discovered that Monit did not properly process
credentials for disabled accounts. An attacker could possibly use this
issue to login to the platform with an expired account and a valid
password.
redis-7.2.4-1.fc39
Read Time:35 Second
FEDORA-2024-6ef42a28c9
Packages in this update:
redis-7.2.4-1.fc39
Update description:
Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST
Upgrade urgency SECURITY: See security fixes below.
Security fixes
(CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Bug fixes
Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
Cybersecurity Deals Boom as Investment Dips, Pinpoint Reports
Read Time:6 Second
2023 saw an increased number of deals in the cybersecurity industry, but the overall investment in the sector dropped, Pinpoint revealed
redis-7.0.15-1.fc38
Read Time:21 Second
FEDORA-2024-694899d442
Packages in this update:
redis-7.0.15-1.fc38
Update description:
Redis 7.0.15 Released Tue 09 Jan 2024 10:45:52 IST
Upgrade urgency SECURITY: See security fixes below.
Security fixes
(CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.