DSA-5588-1 putty - security update

Read Time:26 Second

Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the
SSH protocol is prone to a prefix truncation attack, known as the
“Terrapin attack”. This attack allows a MITM attacker to effect a
limited break of the integrity of the early encrypted SSH transport
protocol by sending extra messages prior to the commencement of
encryption, and deleting an equal number of consecutive messages
immediately after encryption starts.

Details can be found at https://terrapin-attack.com/

https://security-tracker.debian.org/tracker/DSA-5588-1

A Vulnerability in SAP NetWeaver Visual Composer Could Allow for Remote Code Execution

A vulnerability has been discovered in SAP NetWeaver Visual Composer, which could allow for remote code execution. SAP NetWeaver Visual...

April 25, 2025

USN-7455-4: Linux kernel (Oracle) vulnerabilities

Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local...

April 25, 2025

ZDI-CAN-26945: NI

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor...

April 25, 2025

Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

What is the Vulnerability?A critical path traversal vulnerability has been identified in Commvault's Command Center Innovation Release. The vulnerability, tracked...

April 25, 2025

chromium-135.0.7049.114-1.fc41

FEDORA-2025-9ea1ed1fcf Packages in this update: chromium-135.0.7049.114-1.fc41 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

chromium-135.0.7049.114-1.el10_1

FEDORA-EPEL-2025-41e9d3ba95 Packages in this update: chromium-135.0.7049.114-1.el10_1 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

SAP Fixes Critical Vulnerability After Evidence of Exploitation

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical

US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Popular LLMs Found to Produce Vulnerable Code by Default

Hackers access sensitive SIM card data at South Korea’s largest telecoms company

DSA-5588-1 putty – security update

A Vulnerability in SAP NetWeaver Visual Composer Could Allow for Remote Code Execution

USN-7455-4: Linux kernel (Oracle) vulnerabilities

ZDI-CAN-26945: NI

Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

chromium-135.0.7049.114-1.fc41

chromium-135.0.7049.114-1.el10_1