FEDORA-2024-020dbf247c
Packages in this update:
xen-4.17.5-2.fc39
Update description:
x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817]
update to xen-4.17.5
xen-4.17.5-2.fc39
x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817]
update to xen-4.17.5
It was discovered that Tomcat incorrectly handled HTTP trailer headers. A
remote attacker could possibly use this issue to perform HTTP request
smuggling.
xen-4.18.3-2.fc40
x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817]
xen-4.19.0-4.fc41
x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817]
Cybercriminals are increasingly prioritizing script-based phishing techniques over one based on traditional malicious documents
Arkansas City’s water treatment facility faced a cyber incident on Sunday and has since switched to manual operations
A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world.
In recent days Valencia Ransomware has posted on its dark web leak site’s so-called “Wall of shame” links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a pharmaceutical firm, and a paper manufacturer.
Read more in my article on the Tripwire State of Security blog.
Cybercriminals have been observed disguising Octo2 as legitimate apps like Google Chrome and NordVPN
USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS.
This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could possibly use this issue to overwrite header values
set by intermediate proxies by providing duplicate headers containing
underscore characters.
In episode 17 of The AI Fix, our hosts meet the worst newsreaders in the world, Graham learns about Big Trak and is shocked by a food delivery robot, Mark explains why he won’t be dressing as a pirate, ChatGPT angelically removes a peanut butter sandwich from a VCR, and everyone thinks they’ve got Ebola.
Graham explains how his career in fashion came to an end, LinkedIn morphs into a feather-duster-wielding polyphase avatron with an insatiable appetite for B2B sales, and Mark delves into the intricate tapestry of terrible AI writing.
All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.