Defense in depth - the Microsoft way (part 86): shipping rotten software to billions of unsuspecting customers

Read Time:27 Second

Posted by Stefan Kanthak on Oct 16

Hi @ll,

the 7 cURL versions after 8.0.1, released March 20, 2023,
<https://curl.se/docs/releases.html>, fix the following 3
vulnerabilities <https://curl.se/docs/vulnerabilities.html>:
CVE-2023-38039 <https://curl.se/docs/CVE-2023-38039.html>
CVE-2023-38545 <https://curl.se/docs/CVE-2023-38545.html>
CVE-2023-38546 <https://curl.se/docs/CVE-2023-38546.html>

Once again (really: for several months), in their VERY…

USN-7455-4: Linux kernel (Oracle) vulnerabilities

Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local...

April 25, 2025

ZDI-CAN-26945: NI

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor...

April 25, 2025

Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

What is the Vulnerability?A critical path traversal vulnerability has been identified in Commvault's Command Center Innovation Release. The vulnerability, tracked...

April 25, 2025

chromium-135.0.7049.114-1.fc41

FEDORA-2025-9ea1ed1fcf Packages in this update: chromium-135.0.7049.114-1.fc41 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

chromium-135.0.7049.114-1.el10_1

FEDORA-EPEL-2025-41e9d3ba95 Packages in this update: chromium-135.0.7049.114-1.el10_1 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

chromium-135.0.7049.114-1.fc42

FEDORA-2025-ca9bc14500 Packages in this update: chromium-135.0.7049.114-1.fc42 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

SAP Fixes Critical Vulnerability After Evidence of Exploitation

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical

US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Popular LLMs Found to Produce Vulnerable Code by Default

Hackers access sensitive SIM card data at South Korea’s largest telecoms company

Defense in depth — the Microsoft way (part 86): shipping rotten software to billions of unsuspecting customers

USN-7455-4: Linux kernel (Oracle) vulnerabilities

ZDI-CAN-26945: NI

Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

chromium-135.0.7049.114-1.fc41

chromium-135.0.7049.114-1.el10_1

chromium-135.0.7049.114-1.fc42