Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH
protocol was vulnerable to a prefix truncation attack. If a remote attacker
was able to intercept SSH communications, extension negotiation messages
could be truncated, possibly leading to certain algorithms and features
being downgraded. This issue is known as the Terrapin attack. This update
adds protocol extensions to mitigate this issue.
More Stories
firefox-131.0-2.fc41
FEDORA-2024-1d8785c391 Packages in this update: firefox-131.0-2.fc41 Update description: New upstream builds (131.0) Read More
firefox-131.0-2.fc40
FEDORA-2024-5f39927e90 Packages in this update: firefox-131.0-2.fc40 Update description: New upstream builds (131.0) Read More
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. ...
USN-7050-1: Devise-Two-Factor vulnerabilities
Benoit Côté-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could possibly use this issue...
USN-7022-2: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7043-2: cups-filters vulnerability
USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone...