Read Time:39 Second

FEDORA-2023-7a98e2d545

Packages in this update:

redis-6.2.11-1.fc36

Update description:

Redis 6.2.11 – Released Tue Feb 28 12:00:00 IST 2023

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:

(CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
commands can trigger an integer overflow, resulting in a runtime assertion
and termination of the Redis server process.
(CVE-2022-36021) String matching commands (like SCAN or KEYS) with a specially
crafted pattern to trigger a denial-of-service attack on Redis, causing it to
hang and consume 100% CPU time.

Bug Fixes

Fix a crash when reaching the maximum invalidations limit of client-side tracking (#11814)
Fix cluster inbound link keepalive time (#11785)
Make sure that fork child doesn’t do incremental rehashing (#11692)

Friday Squid Blogging: Squid Sticker

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

LockBit Admins Tease a New Ransomware Version

Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

CISA Urges Encrypted Messaging After Salt Typhoon Hack

Ransomware Attackers Target Industries with Low Downtime Tolerance

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

US Organizations Still Using Kaspersky Products Despite Ban

redis-6.2.11-1.fc36

FEDORA-2023-7a98e2d545

Packages in this update:

Update description:

CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205

USN-7179-1: Linux kernel vulnerabilities

USN-7173-2: Linux kernel vulnerabilities

swiftlint-0.57.1-1.fc42

USN-7166-3: Linux kernel (HWE) vulnerabilities

USN-7159-4: Linux kernel (IoT) vulnerabilities