dotnet7.0-7.0.119-1.fc39

FEDORA-2024-3136a71490

Packages in this update:

dotnet7.0-7.0.119-1.fc39

Update description:

This is the May 2024 security update for .NET 7.

This is the last upstream release of .NET 7. After this update, .NET 7 reaches its End of Life (EOL).

Full release notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.19/7.0.19.md

USN-6773-1: .NET vulnerabilities

It was discovered that .NET did not properly handle memory in its
Double Parse routine. An attacker could possibly use this issue to
achieve remote code execution. (CVE-2024-30045)

It was discovered that .NET did not properly handle the usage of a
shared resource. An attacker could possibly use this to cause a deadlock
condition, resulting in a denial of service. (CVE-2024-30046)

Zero-Trust DNS

Microsoft is working on a promising-looking protocol to lock down DNS.

ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices.

Jake Williams, VP of research and development at consultancy Hunter Strategy, said the union of these previously disparate engines would allow updates to be made to the Windows firewall on a per-domain name basis. The result, he said, is a mechanism that allows organizations to, in essence, tell clients “only use our DNS server, that uses TLS, and will only resolve certain domains.” Microsoft calls this DNS server or servers the “protective DNS server.”

By default, the firewall will deny resolutions to all domains except those enumerated in allow lists. A separate allow list will contain IP address subnets that clients need to run authorized software. Key to making this work at scale inside an organization with rapidly changing needs. Networking security expert Royce Williams (no relation to Jake Williams) called this a “sort of a bidirectional API for the firewall layer, so you can both trigger firewall actions (by input *to* the firewall), and trigger external actions based on firewall state (output *from* the firewall). So instead of having to reinvent the firewall wheel if you are an AV vendor or whatever, you just hook into WFP.”
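
A simplified model of the default-deny behaviour described above, as an added example that is not part of the original post and is not Microsoft's code or the WFP API. The class and method names, the constructed sample domains and addresses, the whole-label subdomain matching, and the premise that an address becomes reachable only after the protective DNS server has returned it for an allow-listed name are assumptions of this sketch.

```python
import ipaddress

class ZtdnsClientModel:
    """Toy model: default-deny egress, opened per resolved name (assumption)."""

    def __init__(self, allowed_domains, allowed_subnets, protective_dns):
        self.allowed_domains = {d.lower().rstrip(".") for d in allowed_domains}
        self.allowed_subnets = [ipaddress.ip_network(s) for s in allowed_subnets]
        self.protective_dns = protective_dns  # name -> addresses, stands in for the server
        self.learned = {}                     # address -> name that opened it

    def _domain_allowed(self, name):
        # Match whole labels only, so "evilcorp.example" does not match "corp.example".
        labels = name.split(".")
        return any(".".join(labels[i:]) in self.allowed_domains
                   for i in range(len(labels)))

    def resolve(self, name):
        name = name.lower().rstrip(".")
        if not self._domain_allowed(name):
            return []  # resolution denied: name is not on the domain allow list
        addrs = self.protective_dns.get(name, [])
        for addr in addrs:
            self.learned[ipaddress.ip_address(addr)] = name
        return addrs

    def outbound_verdict(self, dest_ip):
        ip = ipaddress.ip_address(dest_ip)
        if ip in self.learned:
            return f"allow: resolved for {self.learned[ip]}"
        for net in self.allowed_subnets:
            if ip in net:
                return f"allow: subnet {net}"
        return "block: address not learned through the protective DNS server"

def demo_model():
    # Constructed sample policy and zone data (documentation address ranges).
    zone = {"intranet.corp.example": ["192.0.2.10"],
            "tracker.example.net": ["203.0.113.7"],
            "evilcorp.example": ["203.0.113.8"]}
    return ZtdnsClientModel(["corp.example"], ["198.51.100.0/24"], zone)

if __name__ == "__main__":
    m = demo_model()
    print(m.outbound_verdict("192.0.2.10"))   # before any lookup
    print(m.resolve("Intranet.Corp.Example."))
    print(m.outbound_verdict("192.0.2.10"))   # after the lookup
    print(m.outbound_verdict("203.0.113.7"))  # hard-coded IP, never resolved
```

The case worth noticing is the last one: a connection to a hard-coded address that was never resolved through the protective server is blocked, which is what makes the allow list enforceable at the firewall rather than only at the resolver.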
