strongswan-5.9.14-5.el10_0

Read Time:2 Minute, 17 Second

FEDORA-EPEL-2024-196be160cb

Packages in this update:

strongswan-5.9.14-5.el10_0

Update description:

Automatic update for strongswan-5.9.14-5.el10_0.

Changelog

* Sat Jul 27 2024 Michel Lind <salimma@fedoraproject.org> – 5.9.14-5
– Depend on openssl-devel-engine since we still use this deprecated feature (rhbz#2295335)
* Fri Jul 26 2024 Miroslav Suchý <msuchy@redhat.com> – 5.9.14-4
– convert license to SPDX
* Sat Jul 20 2024 Fedora Release Engineering <releng@fedoraproject.org> – 5.9.14-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint <python-maint@redhat.com> – 5.9.14-2
– Rebuilt for Python 3.13
* Fri May 31 2024 Paul Wouters <paul.wouters@aiven.io> – 5.9.14-1
– Resolves: rhbz#2254560 CVE-2023-41913 buffer overflow and possible RCE
– Resolved: rhbz#2250666 Update to 5.9.14 (IKEv2 OCSP extensions, seqno/regno overflow handling
– Update to 5.9.13 (OCSP nonce set regression configuration option charon.ocsp_nonce_len)
– Update to 5.9.12 (CVE-2023-41913 fix, various IKEv2 fixes)
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> – 5.9.11-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> – 5.9.11-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Fri Jul 14 2023 Paul Wouters <paul.wouters@aiven.io – 5.9.11-1
– Resolves: rhbz#2214186 strongswan-5.9.11 is available
* Tue Jun 13 2023 Python Maint <python-maint@redhat.com> – 5.9.10-2
– Rebuilt for Python 3.12
* Thu Mar 2 2023 Paul Wouters <paul.wouters@aiven.io – 5.9.10-1
– Update to 5.9.10
* Tue Feb 28 2023 Paul Wouters <paul.wouters@aiven.io – 5.9.9-3
– Resolves: CVE-2023-26463 authorization bypass in TLS-based EAP methods
* Mon Jan 16 2023 Petr Menšík <pemensik@redhat.com> – 5.9.9-2
– Use configure paths in manual pages (#2106120)
* Sun Jan 15 2023 Petr Menšík <pemensik@redhat.com> – 5.9.9-1
– Update to 5.9.9 (#2157850)
* Thu Dec 8 2022 Jitka Plesnikova <jplesnik@redhat.com> – 5.9.8-2
– Add BR perl-generators to automatically generates run-time dependencies
for installed Perl files
* Sun Oct 16 2022 Arne Reiter <redhat@arnereiter.de> – 5.9.8-1
– Resolves rhbz#2112274 strongswan-5.9.8 is available
– Patch1 removes CFLAGS -Wno-format which interferes with -Werror=format-security
– Add BuildRequire for autoconf and automake, now required for release
– Remove obsolete patches

Read More

Friday Squid Blogging: SQUID Is a New Computational Tool for Analyzing Genomic AI

Read Time:19 Second

Yet another SQUID acronym:

SQUID, short for Surrogate Quantitative Interpretability for Deepnets, is a computational tool created by Cold Spring Harbor Laboratory (CSHL) scientists. It’s designed to help interpret how AI models analyze the genome. Compared with other analysis tools, SQUID is more consistent, reduces background noise, and can lead to more accurate predictions about the effects of genetic mutations.

Blog moderation policy.

Read More

rclone-1.67.0-1.fc41

Read Time:39 Second

FEDORA-2024-3ef0d3c37d

Packages in this update:

rclone-1.67.0-1.fc41

Update description:

Automatic update for rclone-1.67.0-1.fc41.

Changelog

* Fri Aug 9 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> – 1.67.0-1
– Update to 1.67.0 – Closes rhbz#2251762 rhbz#2292717 rhbz#2301235
rhbz#2255106
* Fri Jul 19 2024 Fedora Release Engineering <releng@fedoraproject.org> – 1.64.2-5
– Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Sun Feb 11 2024 Maxwell G <maxwell@gtmx.me> – 1.64.2-4
– Rebuild for golang 1.22.0
* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> – 1.64.2-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

Read More

USN-6926-3: Linux kernel (Azure) vulnerabilities

Read Time:1 Minute, 43 Second

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel did not properly handle certain memory allocation failure
conditions, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-46343)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.
(CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device
volume management subsystem did not properly validate logical eraseblock
sizes in certain situations. An attacker could possibly use this to cause a
denial of service (system crash). (CVE-2024-25739)

Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and
Shweta Shinde discovered that the Confidential Computing framework in the
Linux kernel for x86 platforms did not properly handle 32-bit emulation on
TDX and SEV. An attacker with access to the VMM could use this to cause a
denial of service (guest crash) or possibly execute arbitrary code.
(CVE-2024-25744)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– HID subsystem;
– I2C subsystem;
– MTD block device drivers;
– Network drivers;
– TTY drivers;
– USB subsystem;
– File systems infrastructure;
– F2FS file system;
– SMB network file system;
– BPF subsystem;
– B.A.T.M.A.N. meshing protocol;
– Bluetooth subsystem;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Netfilter;
– Unix domain sockets;
– AppArmor security module;
(CVE-2023-52435, CVE-2024-27013, CVE-2024-35984, CVE-2023-52620,
CVE-2024-35997, CVE-2023-52436, CVE-2024-26884, CVE-2024-26901,
CVE-2023-52469, CVE-2024-35978, CVE-2024-26886, CVE-2024-35982,
CVE-2024-36902, CVE-2024-26857, CVE-2024-26923, CVE-2023-52443,
CVE-2024-27020, CVE-2024-36016, CVE-2024-26840, CVE-2024-26934,
CVE-2023-52449, CVE-2024-26882, CVE-2023-52444, CVE-2023-52752)

Read More

People-Search Site Removal Services Largely Ineffective

Read Time:40 Second

Consumer Reports has a new study of people-search site removal services, concluding that they don’t really work:

As a whole, people-search removal services are largely ineffective. Private information about each participant on the people-search sites decreased after using the people-search removal services. And, not surprisingly, the removal services did save time compared with manually opting out. But, without exception, information about each participant still appeared on some of the 13 people-search sites at the one-week, one-month, and four-month intervals. We initially found 332 instances of information about the 28 participants who would later be signed up for removal services (that does not include the four participants who were opted out manually). Of those 332 instances, only 117, or 35%, were removed within
four months.

Read More