The flaw allows the installation of malware that operates at the firmware level
Daily Archives: February 8, 2024
US insurance firms sound alarm after 66,000 individuals impacted by SIM swap attack
Two US insurance companies are warning that thousands of individuals’ personal information may have been stolen after hackers compromised computer systems.
Read more in my article on the Hot for Security blog.
France: 33 Million Social Security Numbers Exposed in Health Insurance Hack
The French data privacy regulator has opened an investigation following a data breach affecting two major health insurance firms
Surge in deepfake “Face Swap” attacks puts remote identity verification at risk
New research shows a 704% increase in deepfake “face swap” attacks from the first to the second half of 2023.
Read more in my article on the Tripwire State of Security blog.
libgit2-1.7.2-2.el9 libgit2_1.6-1.6.5-1.el9 python-pygit2-1.14.0-2.el9
FEDORA-EPEL-2024-e2bbd00d36
Packages in this update:
libgit2_1.6-1.6.5-1.el9
libgit2-1.7.2-2.el9
python-pygit2-1.14.0-2.el9
Update description:
Update libgit2 to 1.7.2
Update python-pygit2 to 1.14.0
Add libgit2_1.6 compat package
libgit2-1.6.5-1.fc38
FEDORA-2024-a7a3c8ccdd
Packages in this update:
libgit2-1.6.5-1.fc38
Update description:
Update to 1.6.5
Resolves: CVE-2024-24577
Resolves: CVE-2024-24575
USN-6627-1: libde265 vulnerabilities
It was discovered that libde265 could be made to read out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service. (CVE-2021-35452, CVE-2021-36411, CVE-2022-43238, CVE-2022-43241,
CVE-2022-43242)
It was discovered that libde265 did not properly manage memory. If a user
or automated system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
(CVE-2021-36408)
It was discovered that libde265 contained a logical error. If a user
or automated system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to cause a denial of service.
(CVE-2021-36409)
It was discovered that libde265 could be made to write out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. (CVE-2021-36410, CVE-2022-43235,
CVE-2022-43236, CVE-2022-43237, CVE-2022-43239, CVE-2022-43240,
CVE-2022-43243, CVE-2022-43248, CVE-2022-43252, CVE-2022-43253)
It was discovered that libde265 could be made to write out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. This issue only affected Ubuntu 22.04
LTS. (CVE-2022-1253)
python-fastapi-0.109.1-1.fc40
FEDORA-2024-0396ef82cd
Packages in this update:
python-fastapi-0.109.1-1.fc40
Update description:
Automatic update for python-fastapi-0.109.1-1.fc40.
Changelog
* Thu Feb 8 2024 Packit <hello@packit.dev> - 0.109.1-1
- [packit] 0.109.1 upstream release
- Resolves rhbz#2262507, resolves rhbz#2262844
Critical Manufacturing Vulnerabilities Surge 230% in Six Months
Nozomi Networks reveals increasingly sophisticated attacks targeting bugs and other vectors in IoT and OT environments
openssh-9.0p1-19.fc38
FEDORA-2024-2aac54ebb7
Packages in this update:
openssh-9.0p1-19.fc38
Update description:
Apply fix for CVE-2023-28531