Read Time:9 Second
FEDORA-2024-d7e2d109e2
Packages in this update:
mingw-python3-3.11.10-2.fc40
Update description:
Backport fix for CVE-2024-9287
Update to python-3.11.0.
Monthly Archives: November 2024
FTC Records 50% Drop in Nuisance Calls Since 2021
Read Time:5 Second
The US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021
mingw-libsoup-2.74.3-8.fc40
Read Time:8 Second
FEDORA-2024-8c3476dd24
Packages in this update:
mingw-libsoup-2.74.3-8.fc40
Update description:
Backport fixes for CVE-2024-52530 and CVE-2024-52532.
mingw-libsoup-2.74.3-8.fc41
Read Time:8 Second
FEDORA-2024-af077c1f85
Packages in this update:
mingw-libsoup-2.74.3-8.fc41
Update description:
Backport fixes for CVE-2024-52530 and CVE-2024-52532.
mingw-glib2-2.82.2-1.fc40
Read Time:8 Second
FEDORA-2024-1e29ad7d25
Packages in this update:
mingw-glib2-2.82.2-1.fc40
Update description:
Update to 2.82.2, fixes CVE-2024-52533.
mingw-glib2-2.82.2-1.fc41
Read Time:8 Second
FEDORA-2024-67869f1cb3
Packages in this update:
mingw-glib2-2.82.2-1.fc41
Update description:
Update to 2.82.2, fixes CVE-2024-52533.
NCSC Warns UK Shoppers Lost £11.5m Last Christmas
Read Time:8 Second
The UK’s National Cyber Security Centre is urging shoppers to stay safe this Christmas after revealing they lost £11.5m to fraudsters in 2023
ZDI-24-1512: Progress Software WhatsUp Gold getReport Missing Authentication Authentication Bypass Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to bypass authentication on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-7763.
USN-7108-1: AsyncSSH vulnerabilities
Read Time:26 Second
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the extension info message. An attacker able to
intercept communications could possibly use this issue to downgrade
the algorithm used for client authentication. (CVE-2023-46445)
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the user authentication request message. An
attacker could possibly use this issue to control the remote end of an SSH
client session via packet injection/removal and shell emulation.
(CVE-2023-46446)
cobbler3.2-3.2.3-2.el8
Read Time:8 Second
FEDORA-EPEL-2024-375a09fd04
Packages in this update:
cobbler3.2-3.2.3-2.el8
Update description:
Update to 3.2.3 – CVE-2024-47533