Read Time:43 Second

FEDORA-2023-d84a75ea52

Packages in this update:

git-2.40.1-1.fc37

Update description:

update to 2.40.1 (CVE-2023-25652, CVE-2023-25815, CVE-2023-29007)

Refer to the release notes for 2.30.9 for details of each CVE as well as
the following security advisories from the git project:

https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx (CVE-2023-25652)
https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844 (CVE-2023-29007)

(At this time there is no upstream advisory for CVE-2023-25815. This
issue does not affect the Fedora packages as we do not use the runtime
prefix support.)

Release notes:
https://github.com/git/git/raw/v2.30.9/Documentation/RelNotes/2.30.9.txt
https://github.com/git/git/raw/v2.40.1/Documentation/RelNotes/2.40.1.txt

rust-below-0.9.0-1.el8

FEDORA-EPEL-2025-ae12e02519 Packages in this update: rust-below-0.9.0-1.el8 Update description: A privilege escalation vulnerability existed in the Below service prior to v0.9.0...

April 5, 2025

DSA-5894-1 jetty9 – security update

Jetty 9 is a Java based web server and servlet engine. Several security vulnerabilities have been discovered which may allow...

April 5, 2025

DSA-5893-1 tomcat10 – security update

A security vulnerability was found in Tomcat 10, a Java based web server and servlet engine. A malicious user was...

April 5, 2025

GLSA 202504-01: XZ Utils: Use after free

Post Content Read More

April 5, 2025

DSA-5896-1 trafficserver – security update

Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of...

April 5, 2025

DSA-5895-1 xz-utils – security update

Harri K. Koskinen discovered a flaw in the multithreaded .xz decoder lzma_stream_decoder_mt in xz-utils, the XZ-format compression utilities, which may...

April 5, 2025

Friday Squid Blogging: Two-Man Giant Squid

Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses

Troy Hunt Gets Phished

Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw

Major Online Platform for Child Exploitation Dismantled

CrushFTP Vulnerability Exploited Following Disclosure Issues

HellCat ransomware: what you need to know

Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware

git-2.40.1-1.fc37

FEDORA-2023-d84a75ea52

Packages in this update:

Update description:

rust-below-0.9.0-1.el8

DSA-5894-1 jetty9 – security update

DSA-5893-1 tomcat10 – security update

GLSA 202504-01: XZ Utils: Use after free

DSA-5896-1 trafficserver – security update

DSA-5895-1 xz-utils – security update