Read Time:49 Second

FEDORA-2024-47e4624c89

Packages in this update:

python3.9-3.9.21-1.fc41

Update description:

Python 3.9.21 security release.

Security content in this release

gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified.
CVE-2024-9287: gh-124651: Properly quote template strings in venv activation scripts.
gh-103848: Added checks to ensure that [ bracketed ] hosts found by urllib.parse.urlsplit() are of IPv6 or IPvFuture format.
gh-95588: Clarified the conflicting advice given in the ast documentation about ast.literal_eval() being “safe” for use on untrusted input while at the same time warning that it can crash the process. The latter statement is true and is deemed unfixable without a large amount of work unsuitable for a bugfix. So we keep the warning and no longer claim that literal_eval is safe.

Threat Actors Abuse Trust in Cloud Collaboration Platforms

Malicious npm Packages Deliver Sophisticated Reverse Shells

ETSI Publishes New Quantum-Safe Encryption Standards

AI Data Poisoning

ENISA Probes Space Threat Landscape in New Report

UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats

New Android Malware Uses .NET MAUI to Evade Detection

Cybercriminals Use Atlantis AIO to Target 140+ Platforms

The AI Fix #43: I, for one, welcome our new robot overlords!

python3.9-3.9.21-1.fc41

FEDORA-2024-47e4624c89

Packages in this update:

Update description:

Security content in this release

exim-4.98.2-1.fc41

exim-4.98.2-1.fc42

corosync-3.1.9-2.fc40

varnish-7.5.0-3.fc41

corosync-3.1.9-2.fc41

corosync-3.1.9-3.fc42