USN-7050-1: Devise-Two-Factor vulnerabilities

Read Time:20 Second

Benoit Côté-Jodoin and Michael Nipper discovered that Devise-Two-Factor
incorrectly handled one-time password validation. An attacker could
possibly use this issue to intercept and re-use a one-time password.
(CVE-2021-43177)

Garrett Rappaport discovered that Devise-Two-Factor incorrectly handled
generating multi-factor authentication codes. An attacker could possibly
use this issue to generate valid multi-factor authentication codes.
(CVE-2024-8796)

USN-7022-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

October 1, 2024

USN-7043-2: cups-filters vulnerability

USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone...

October 1, 2024

USN-7049-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to...

October 1, 2024

USN-7003-5: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...

October 1, 2024

webkitgtk-2.46.1-1.fc39

FEDORA-2024-e1357fc22f Packages in this update: webkitgtk-2.46.1-1.fc39 Update description: Fix login QR code not shown in WhatsApp web. Disable PSON by...

October 1, 2024

webkitgtk-2.46.1-1.fc41

FEDORA-2024-b142cc07d0 Packages in this update: webkitgtk-2.46.1-1.fc41 Update description: Fix login QR code not shown in WhatsApp web. Disable PSON by...

October 1, 2024

The AI Fix #18: ChatGPT’s false memories, and would an inner critic stop AI hallucinations?

British Hacker Charged in the US For $3.75m Insider Trading Scheme

Ransomware Attack Forces UMC to Divert Emergency Patients

Evil Corp’s LockBit Ties Exposed in Latest Phase of Operation Cronos

T-Mobile to Pay $15.75m Penalty for Multiple Data Breaches

Hacking ChatGPT by Planting False Memories into Its Data

People Know Their Data Rights, and They’re Here to Play Ball

Ten Million Brits Hit By Fraud in Just Three Years

ISACA: European Security Teams Are Understaffed and Underfunded

USN-7050-1: Devise-Two-Factor vulnerabilities

USN-7022-2: Linux kernel vulnerabilities

USN-7043-2: cups-filters vulnerability

USN-7049-1: PHP vulnerabilities

USN-7003-5: Linux kernel vulnerabilities

webkitgtk-2.46.1-1.fc39

webkitgtk-2.46.1-1.fc41