Read Time:37 Second

FEDORA-2023-03422cb8de

Packages in this update:

redis-7.0.13-1.fc38

Update description:

Redis 7.0.13 Released Wed 06 Sep 2023 15:00:00 IDT

Upgrade urgency SECURITY: See security fixes below.

Security Fixes

(CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and
as a result may grant users executing this command access to keys that are not
explicitly authorized by the ACL configuration.

Bug Fixes

Cluster: fix a race condition where a slot migration may revert on a
subsequent failover or node joining (#12344)
Ensure that the function load timeout is disabled during loading from RDB/AOF
and on replicas. (#12451)
Fix the assertion when script timeout occurs after it signaled a blocked client (#12459)

Friday Squid Blogging: Cotton-and-Squid-Bone Sponge

Apps That Are Spying on Your Location

Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer

Slovakia Hit by Historic Cyber-Attack on Land Registry

Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you

Medusind Breach Exposes Sensitive Patient Data

Fake PoC Exploit Targets Security Researchers with Infostealer

Smashing Security podcast #399: Honey in hot water, and reset your devices

Space Bears ransomware: what you need to know

redis-7.0.13-1.fc38

FEDORA-2023-03422cb8de

Packages in this update:

Update description:

USN-7169-5: Linux kernel (Real-time) vulnerabilities

stb-0^20241002git31707d1-4.el9

stb-0^20241002git31707d1-5.el10_0

stb-0^20241002git31707d1-4.fc40

ZDI-25-026: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability

Ivanti Connect Secure Zero-Day Vulnerability