Read Time:1 Minute, 13 Second

FEDORA-2023-37ae269843

Packages in this update:

clevis-pin-tpm2-0.5.2-5.fc37
greetd-0.9.0-4.fc37
keyring-ima-signer-0.1.0-9.fc37
libkrun-1.5.0-2.fc37
mirrorlist-server-3.0.6-6.fc37
nispor-1.2.10-4.fc37
nmstate-2.2.10-5.fc37
rust-afterburn-5.4.0-3.fc37
rust-below-0.6.3-4.fc37
rust-bodhi-cli-2.1.0-2.fc37
rust-cargo-c-0.9.12-4.fc37
rust-coreos-installer-0.17.0-2.fc37
rust-fedora-update-feedback-2.1.2-2.fc37
rust-git-delta-0.13.0-5.fc37
rust-gst-plugin-reqwest-0.10.4-2.fc37
rust-pore-0.1.8-3.fc37
rust-rpm-sequoia-1.4.0-2.fc37
rust-sequoia-octopus-librnp-1.4.1-8.fc37
rust-sequoia-policy-config-0.6.0-3.fc37
rust-sequoia-sq-0.26.0-7.fc37
rust-sevctl-0.3.2-4.fc37
rust-tealdeer-1.6.1-2.fc37
rust-ybaas-0.0.10-7.fc37

Update description:

Recent updates for the tokio, h2, and openssl crates addressed some (potential or confirmed) security or soundness issues:

tokio: RUSTSEC-2023-0005
h2: RUSTSEC-2023-0034 / CVE-2023-26964
openssl: RUSTSEC-2023-0022, RUSTSEC-2023-0023, RUSTSEC-2023-0024

This update contains rebuilds of all affected applications against the latest versions of these crates, which have addressed all linked issues.

Friday Squid Blogging: Squid Game Season Two Teaser

Clever Social Engineering Attack Using Captchas

US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities

Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable

Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions

This Windows PowerShell Phish Has Scary Potential

Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data

FBI Shuts Down Chinese Botnet

Western Agencies Warn Risk from Chinese-Controlled Botnet

FEDORA-2023-37ae269843

Packages in this update:

Update description:

ZDI-CAN-25373: Microsoft

DSA-5774-1 ruby-saml – security update

USN-6968-2: PostgreSQL vulnerability

USN-7015-2: Python vulnerabilities

USN-7027-1: Emacs vulnerabilities

USN-7024-1: tgt vulnerability