Read Time:19 Second

FEDORA-EPEL-2024-c3521d114d

Packages in this update:

libsass-3.6.6-1.el9
python-libsass-0.23.0-2.el9
python-qtsass-0.4.0-4.el9

Update description:

Security fix for CVE-2022-43357

Update libsass to 3.6.6 (fixes CVE-2022-43357); update python-libsass to 0.23.0 and python-qtsass to 0.4.0, with various packaging improvements.

perl-5.40.2-518.fc42

FEDORA-2025-30244ebfc7 Packages in this update: perl-5.40.2-518.fc42 Update description: Fixes CVE-2025-40909 - Clone dirhandles without fchdir Read More

July 10, 2025

perl-5.40.2-516.fc41

FEDORA-2025-f142899732 Packages in this update: perl-5.40.2-516.fc41 Update description: Fixes CVE-2025-40909 - Clone dirhandles without fchdir Read More

July 10, 2025

Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities

Posted by Egidio Romano on Jul 09 ---------------------------------------------------------------------------------- Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities ----------------------------------------------------------------------------------...

July 10, 2025

Smashing Security podcast #425: Call of Duty: From pew-pew to pwned

As Texas floods, so does the internet – with dangerous lies

Ransomware Attack Stops Nova Scotia Power Meter Readings

AiLock ransomware: What you need to know

Microsoft Patch Tuesday: One Zero-Day and A Potential ‘Wormable’ Flaw

Yet Another Strava Privacy Leak

Chinese State-Sponsored Hacker Charged Over COVID-19 Research Theft

MacOS Infostealer AMOS Evolves with Backdoor for Persistent Access

M&S Chair Details Ransomware Attack, Declines to Confirm if Payment Was Made

libsass-3.6.6-1.el9 python-libsass-0.23.0-2.el9 python-qtsass-0.4.0-4.el9

FEDORA-EPEL-2024-c3521d114d

Packages in this update:

Update description:

perl-5.40.2-518.fc42

perl-5.40.2-516.fc41

Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities

KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery

KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation

KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution