Read Time:31 Second

FEDORA-2023-a2621f58a9

Packages in this update:

bind-9.18.19-1.fc38
bind-dyndb-ldap-11.10-21.fc38

Update description:

BIND 9.18.19

Security Fixes

Previously, sending a specially crafted message over the control channel could cause the packet-parsing code to run out of available stack memory, causing named to terminate unexpectedly. This has been fixed. (CVE-2023-3341)
A flaw in the networking code handling DNS-over-TLS queries could cause named to terminate unexpectedly due to an assertion failure under significant DNS-over-TLS query load. This has been fixed. (CVE-2023-4236)
Upstream release notes

php-tcpdf-6.8.0-1.fc41

FEDORA-2024-7d6412477b Packages in this update: php-tcpdf-6.8.0-1.fc41 Update description: Version 6.8.0 (2024-12-23) Requires PHP 7.1+ and curl extension. Escape error message....

December 30, 2024

php-tcpdf-6.8.0-1.fc40

FEDORA-2024-d6b0e72e3d Packages in this update: php-tcpdf-6.8.0-1.fc40 Update description: Version 6.8.0 (2024-12-23) Requires PHP 7.1+ and curl extension. Escape error message....

December 30, 2024

ZDI-24-1741: WSO2 API Manager SynapseArtifactUploaderAdmin Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WSO2 API Manager. Authentication is required to...

December 30, 2024

ZDI-24-1740: WSO2 API Manager Exposed Dangerous Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of WSO2 API Manager. Authentication is not required to...

December 30, 2024

ZDI-24-1739: Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain...

December 30, 2024

ZDI-24-1738: Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required...

December 30, 2024

Salt Typhoon’s Reach Continues to Grow

Majority of UK SMEs Lack Cybersecurity Policy

Happy 15th Anniversary, KrebsOnSecurity!

CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration

Casino Players Using Hidden Cameras for Cheating

Friday Squid Blogging: Squid on Pizza

Scams Based on Fake Google Emails

Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%

The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)

bind-9.18.19-1.fc38 bind-dyndb-ldap-11.10-21.fc38

FEDORA-2023-a2621f58a9

Packages in this update:

Update description:

BIND 9.18.19

Security Fixes

php-tcpdf-6.8.0-1.fc41

php-tcpdf-6.8.0-1.fc40

ZDI-24-1741: WSO2 API Manager SynapseArtifactUploaderAdmin Unrestricted File Upload Remote Code Execution Vulnerability

ZDI-24-1740: WSO2 API Manager Exposed Dangerous Function Authentication Bypass Vulnerability

ZDI-24-1739: Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability

ZDI-24-1738: Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability