Read Time:18 Second

FEDORA-EPEL-2025-75d8605b8c

Packages in this update:

stb-0^20241002git31707d1-4.el9

Update description:

Add another patch for the root cause of CVE-2021-45340. We already have a patch for CVE-2021-45340, but adding this new patch may prevent a related, unproven exploit as described in https://github.com/nothings/stb/pull/1454#issuecomment-2581308033.

USN-7169-5: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

January 10, 2025

stb-0^20241002git31707d1-5.el10_0

FEDORA-EPEL-2025-93a1152ae1 Packages in this update: stb-0^20241002git31707d1-5.el10_0 Update description: Add another patch for the root cause of CVE-2021-45340. We already have...

January 10, 2025

stb-0^20241002git31707d1-4.fc40

FEDORA-2025-49e8952aab Packages in this update: stb-0^20241002git31707d1-4.fc40 Update description: Add another patch for the root cause of CVE-2021-45340. We already have...

January 10, 2025

ZDI-25-026: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Mintty. User interaction is required to exploit...

January 10, 2025

Ivanti Connect Secure Zero-Day Vulnerability

What are the Vulnerabilities?Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. CVE-2025-0282 is an...

January 10, 2025

USN-7198-1: rlottie vulnerabilities

Paolo Giai discovered a series of stack-based overflow vulnerabilities in the blit and gray_render_cubic functions of a custom fork of...

January 10, 2025

Friday Squid Blogging: Cotton-and-Squid-Bone Sponge

Apps That Are Spying on Your Location

Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer

Slovakia Hit by Historic Cyber-Attack on Land Registry

Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you

Medusind Breach Exposes Sensitive Patient Data

Fake PoC Exploit Targets Security Researchers with Infostealer

Smashing Security podcast #399: Honey in hot water, and reset your devices

Space Bears ransomware: what you need to know

stb-0^20241002git31707d1-4.el9

FEDORA-EPEL-2025-75d8605b8c

Packages in this update:

Update description:

USN-7169-5: Linux kernel (Real-time) vulnerabilities

stb-0^20241002git31707d1-5.el10_0

stb-0^20241002git31707d1-4.fc40

ZDI-25-026: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability

Ivanti Connect Secure Zero-Day Vulnerability

USN-7198-1: rlottie vulnerabilities