Read Time:7 Second
FEDORA-EPEL-2024-28e58f443c
Packages in this update:
python-PyMySQL-0.9.3-2.el7
Update description:
Security fix for CVE-2024-36039
Daily Archives: June 22, 2024
libreswan-4.15-1.fc39
Read Time:7 Second
FEDORA-2024-07c9cfd337
Packages in this update:
libreswan-4.15-1.fc39
Update description:
Update to 4.15 for CVE-2024-3652
mingw-gstreamer1-1.22.9-1.fc39 mingw-gstreamer1-plugins-bad-free-1.22.9-1.fc39 mingw-gstreamer1-plugins-base-1.22.9-2.fc39 mingw-gstreamer1-plugins-good-1.22.9-1.fc39
Read Time:17 Second
FEDORA-2024-919bc7e512
Packages in this update:
mingw-gstreamer1-1.22.9-1.fc39
mingw-gstreamer1-plugins-bad-free-1.22.9-1.fc39
mingw-gstreamer1-plugins-base-1.22.9-2.fc39
mingw-gstreamer1-plugins-good-1.22.9-1.fc39
Update description:
Update to gstreamer-1.22.9.
Backport fix for CVE-2024-0444.
mingw-gstreamer1-plugins-bad-free-1.22.7-2.fc39
Read Time:8 Second
FEDORA-2024-1e6c22e83f
Packages in this update:
mingw-gstreamer1-plugins-bad-free-1.22.7-2.fc39
Update description:
Backport fix for CVE-2024-0444.
ZDI-24-898: ESET Smart Security Premium Link Following Local Privilege Escalation Vulnerability
Read Time:15 Second
This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. User interaction on the part of an administrator is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2024-2003.
libreswan-4.15-1.fc40
Read Time:7 Second
FEDORA-2024-05a6ab143e
Packages in this update:
libreswan-4.15-1.fc40
Update description:
Update to 4.15 for CVE-2024-3652
libreswan-4.15-2.fc41
Read Time:30 Second
FEDORA-2024-342c3cc98f
Packages in this update:
libreswan-4.15-2.fc41
Update description:
Automatic update for libreswan-4.15-2.fc41.
Changelog
* Sat Jun 22 2024 Paul Wouters <paul.wouters@aiven.io> – 4.15-2
– Add libreswan-4.15-ipsec_import.patch
* Sat Jun 22 2024 Paul Wouters <paul.wouters@aiven.io> – 4.15-1
– Update libreswan to 4.15 for CVE-2024-3652
– Resolves rhbz#2274448 CVE-2024-3652 libreswan: IKEv1 default AH/ESP
responder can crash and restart
– Allow “ipsec import” to try importing PKCS#12 non-interactively if there
is no password
CPrime Supply Chain Attack
Read Time:1 Minute, 19 Second
What is the attack?FortiGuard Labs’ Recon team is aware of communications on a cybercrime forum known as ‘BreachForums’ with a Threat Actor (TA) known by the alias ‘IntelBroker.’ This threat actor has posted about selling access to various internal resources of several undisclosed organizations. The Threat Actor (TA) claimed to have acquired access to the sensitive information by breaching a single, unnamed company that provides services to over 400 organizations, primarily in the US. The TA disclosed a list of over 400 organizations compromised. Based on this information and active exploitations, the FortiRecon team has ascertained that several of the compromised organizations are customers/clients of MSP Cprime’s services and suspect an attack through their infrastructure to be the source of the attack.What is the recommended Mitigation?At this point, it is unclear what the attack vector into the MSP network was, or how onward access was gained into the victim organization network however; there have been mentions of access being gained to Github, Jira, and Confluence instances. At this point, Fortinet recommends increased vigilance to identify any unusual network or server activity. Fortinet customers could use FortiRecon’s Digital Risk Protection (DRP) service to help counter attacks at the reconnaissance phase and significantly reduce the risk, time, and cost of later-stage threat mitigation. https://www.fortinet.com/products/fortirecon What FortiGuard Coverage is available?FortiGuard Labs’ research team is currently investigating and monitoring this situation closely and will provide more information as it becomes available. FortiGuard Incident Response team can be engaged to help with any suspected compromise.