Read Time:9 Second
FEDORA-2025-700a59e277
Packages in this update:
zabbix-7.2.5-1.fc42
Update description:
Update to 7.2.5 (CVE-2024-36469, CVE-2024-42325, CVE-2024-45700)
Daily Archives: April 2, 2025
zabbix7.0-7.0.11-1.el8
Read Time:17 Second
FEDORA-EPEL-2025-01e745cb85
Packages in this update:
zabbix7.0-7.0.11-1.el8
Update description:
Update to 7.0.11
CVE-2024-36465, CVE-2024-36469, CVE-2024-42325, CVE-2024-45699, CVE-2024-45700
Re-install SELinux module in %%posttrans to address “upgrade” from zabbixA.B to zabbixX.Y in one transaction
zabbix7.0-7.0.11-1.el9
Read Time:17 Second
FEDORA-EPEL-2025-80a466f7f5
Packages in this update:
zabbix7.0-7.0.11-1.el9
Update description:
Update to 7.0.11
CVE-2024-36465, CVE-2024-36469, CVE-2024-42325, CVE-2024-45699, CVE-2024-45700
Re-install SELinux module in %%posttrans to address “upgrade” from zabbixA.B to zabbixX.Y in one transaction
zabbix6.0-6.0.39-1.el8
Read Time:12 Second
FEDORA-EPEL-2025-77875be662
Packages in this update:
zabbix6.0-6.0.39-1.el8
Update description:
Update to 6.0.39
CVE-2024-45700, CVE-2024-36469, CVE-2024-42325, CVE-2024-45699
Fix selinux module name in uninstall scriptlet
zabbix-7.0.11-1.fc41
Read Time:11 Second
FEDORA-2025-a7a06a72c8
Packages in this update:
zabbix-7.0.11-1.fc41
Update description:
Update to 7.0.11
CVE-2024-36465, CVE-2024-36469, CVE-2024-42325, CVE-2024-45699, CVE-2024-45700
Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers
Read Time:25 Second
Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don’t lose your life savings in a whisky scam…
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus! Don’t miss our featured interview with Alastair Paterson, CEO and co-founder of Harmonic Security, discussing how companies can adopt Generative AI without putting their sensitive data at risk.
USN-7409-1: RubySAML vulnerabilities
Read Time:19 Second
It was discovered that ruby-saml did not correctly handle XML parsing.
An attacker could possibly use this issue to perform a signature
wrapping attack and bypass authentication. (CVE-2025-25291
and CVE-2025-25292)
It was discovered that ruby-saml did not correctly handle decompressing
SAML responses. An attacker could possibly use this issue to cause
a denial of service. (CVE-2025-25293)
USN-7408-2: Linux kernel (FIPS) vulnerabilities
Read Time:13 Second
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– SMB network file system;
– Network namespace;
– Networking core;
(CVE-2024-56658, CVE-2024-35864, CVE-2024-26928)
USN-7408-1: Linux kernel vulnerabilities
Read Time:13 Second
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– SMB network file system;
– Network namespace;
– Networking core;
(CVE-2024-56658, CVE-2024-35864, CVE-2024-26928)
Stripe API Skimming Campaign Unveils New Techniques for Theft
Read Time:7 Second
A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages