libopenmpt-0.7.8-1.fc39
Update from 0.7.6 to 0.7.8 for more bug-fixes.
https://lib.openmpt.org/libopenmpt/2024/06/09/security-update-0.7.8-releases-0.6.17-0.5.31-0.4.43/
https://lib.openmpt.org/libopenmpt/2024/05/12/releases-0.7.7-0.6.16-0.5.30-0.4.42/
openvpn-2.6.11-1.fc40
Update to upstream OpenVPN 2.6.11
CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them
CVE-2024-28882: only call schedule_exit() once (on a given peer)
Kaspersky “poses an undue or unacceptable risk to national security,” according to the US Commerce Department’s Bureau of Industry and Security
The memorial service for Ross Anderson will be held on Saturday, at 2:00 PM BST. People can attend remotely on Zoom. (The passcode is “L3954FrrEF”.)
Ransomware group Qilin has reportedly published nearly 400GB of data stolen following the attack on NHS provider Synnovis in early June
mingw-poppler-24.02.0-2.fc40
Backport fix for CVE-2024-6239.
mingw-python-urllib3-1.26.19-1.fc40
Update to 1.26.19, fixes CVE-2024-0444.
mingw-python-urllib3-1.26.19-1.fc39
Update to 1.26.19, fixes CVE-2024-0444.
Posted by Security Explorations on Jun 21
Hello All,
On Jun 11, 2024 Microsoft engineer posted on a public forum
information about a crash experienced with Apple TV service on a
Surface Pro 9 device [1].
The post had an attachment – a 771MB file (4GB unpacked), which leaked
internal code (260+ files [2]) pertaining to Microsoft PlayReady such
as the following:
– Warbird configuration for building PlayReady library
– Warbird library implementing code obfuscation functionality
– static…
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.0. The following CVEs are assigned: CVE-2024-26001.
