Read Time:22 Second

FEDORA-2024-39f0ccfbc3

Packages in this update:

python3.10-3.10.16-1.fc42

Update description:

Automatic update for python3.10-3.10.16-1.fc42.

Changelog

* Wed Dec 4 2024 Charalampos Stratakis <cstratak@redhat.com> – 3.10.16-1
– Update to 3.10.16
– Security fix for CVE-2024-9287
Resolves: rhbz#2321654
* Wed Sep 11 2024 Miro Hrončok <mhroncok@redhat.com> – 3.10.15-2
– Fix ThreadedVSOCKSocketStreamTest

USN-7178-1: DPDK vulnerability

It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this...

December 19, 2024

LSN-0108-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt...

December 19, 2024

ZDI-24-1711: AnyDesk Link Following Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the...

December 19, 2024

ZDI-24-1710: Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required...

December 19, 2024

ZDI-24-1709: Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required...

December 19, 2024

ZDI-24-1708: Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required...

December 19, 2024

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

US Organizations Still Using Kaspersky Products Despite Ban

Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme

Mailbox Insecurity

New Malware Can Kill Engineering Processes in ICS Environments

EU Opens Door for AI Training Using Personal Data

Crypto-Hackers Steal $2.2bn as North Koreans Dominate

Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment”

Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack

python3.10-3.10.16-1.fc42

FEDORA-2024-39f0ccfbc3

Packages in this update:

Update description:

Changelog

USN-7178-1: DPDK vulnerability

LSN-0108-1: Kernel Live Patch Security Notice

ZDI-24-1711: AnyDesk Link Following Information Disclosure Vulnerability

ZDI-24-1710: Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-24-1709: Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-24-1708: Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability