Read Time:24 Second

FEDORA-EPEL-2023-9791f0b66c

Packages in this update:

composer-2.6.4-1.el9

Update description:

Version 2.6.4 – 2023-09-29

Security: Fixed possible remote code execution vulnerability if composer.phar is publicly accessible, executable as PHP, and register_argc_argv is enabled in php.ini (GHSA-jm6m-4632-36hf / CVE-2023-43655)
Fixed json output of abandoned packages in audit command (#11647)
Performance improvement in pool optimization step (#11638)
Performance improvement in show -a <packagename> (#11659)

GitPython-3.1.18-3.el8

FEDORA-EPEL-2025-106950fd79 Packages in this update: GitPython-3.1.18-3.el8 Update description: Backport upstream patches to fix CVE-2023-41040 Read More

April 16, 2025

LSN-0111-1: Kernel Live Patch Security Notice

It was discovered that the watch_queue event notification system contained an out-of-bounds write vulnerability. A local attacker could use this...

April 16, 2025

golang-github-openprinting-ipp-usb-0.9.30-4.fc40

FEDORA-2025-2280949271 Packages in this update: golang-github-openprinting-ipp-usb-0.9.30-4.fc40 Update description: rebuild with new golang to fix CVE-2025-22870 (fedora#2352013) Read More

April 16, 2025

mingw-libsoup-2.74.3-11.fc41

FEDORA-2025-bd12d23d21 Packages in this update: mingw-libsoup-2.74.3-11.fc41 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

mingw-libsoup-2.74.3-11.fc42

FEDORA-2025-c4605302b8 Packages in this update: mingw-libsoup-2.74.3-11.fc42 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

mingw-libsoup-2.74.3-11.fc40

FEDORA-2025-67e824b908 Packages in this update: mingw-libsoup-2.74.3-11.fc40 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

Smashing Security podcast #413: Hacking the hackers… with a credit card?

CVE Program Almost Unfunded

Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack

China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

92% of Mobile Apps Found to Use Insecure Cryptographic Methods

Insurance firm Lemonade warns of breach of thousands of driving license numbers

Scalper Bots Fueling DVSA Driving Test Black Market

Chaos Reins as MITRE Set to Cease CVE and CWE Operations

Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

composer-2.6.4-1.el9

FEDORA-EPEL-2023-9791f0b66c

Packages in this update:

Update description:

GitPython-3.1.18-3.el8

LSN-0111-1: Kernel Live Patch Security Notice

golang-github-openprinting-ipp-usb-0.9.30-4.fc40

mingw-libsoup-2.74.3-11.fc41

mingw-libsoup-2.74.3-11.fc42

mingw-libsoup-2.74.3-11.fc40