freeipa-4.11.1-4.fc40
Automatic update for freeipa-4.11.1-4.fc40.
* Wed Feb 21 2024 Rob Crittenden <rcritten@redhat.com> – 4.11.1-4
– Security release: CVE-2024-1481
– Resolves: rhbz#2265129
freeipa-4.11.1-4.fc41
Automatic update for freeipa-4.11.1-4.fc41.
* Wed Feb 21 2024 Rob Crittenden <rcritten@redhat.com> – 4.11.1-4
– Security release: CVE-2024-1481
– Resolves: rhbz#2265129
A vulnerability has been discovered in the Junos OS, which could allow for remote code execution. Junos OS is a FreeBSD-based network operating system used in Juniper Networks routing, switching and security devices. Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
mod_auth_openidc-2.4.15.3-1.fc39
fix CVE-2024-24814: prevent DoS when OIDCSessionType client-cookie is set and a crafted Cookie header is supplied
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.
Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and it’s really impressive.
Which means a lot of scary new video prompt injection attacks. And remember, given the current state of technology, prompt injection attacks are impossible to prevent in general.
A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang.
Read more in my article on the Tripwire State of Security blog.
Kaspersky explained the fraudulent emails prompted recipients to enable two-factor authentication
grub2-2.06-115.fc38
Security fix for CVE-2024-1048
grub2-2.06-117.fc39
Security fix for CVE-2024-1048
