Category Archives: Advisories

Backdoor.Win32.Loselove / Denial of Service

Read Time:21 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9a8150938bff3a17fa0169c3dc6dae85.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Loselove
Vulnerability: Denial of Service
Description: The malware listens on UDP ports 9329, 8329, 8322, 8131 and
8130. Attackers can send a large junk payload to UDP port 8131 causing it
to crash.
Family: Loselove
Type: PE32
MD5:…

Read More

HackTool.Win32.Delf.vs / Insecure Credential Storage

Read Time:19 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/92f7f9495ffd56d05a5acf395c9e0097.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HackTool.Win32.Delf.vs
Vulnerability: Insecure Credential Storage
Description: The malware credentials are stored in cleartext within the
sysinfo.ini file.
Family: Delf
Type: PE32
MD5: 92f7f9495ffd56d05a5acf395c9e0097
Vuln ID: MVID-2022-0553…

Read More

git-2.34.3-1.fc34

Read Time:50 Second

FEDORA-2022-2fec5f30be

Packages in this update:

git-2.34.3-1.fc34

Update description:

Update to 2.34.3 (release notes)

This release addresses CVE-2022-24765. Per the release announcement:

On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in C:.git, in a mounted network drive or in a scratch space. Merely having a Git-aware prompt that runs git status (or git diff) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user.

A broad “escape hatch” is available in cases where all the repositories you may enter are considered safe, regardless of their ownership. Quoting another release announcement:

* can be used as the value for the safe.directory variable to signal that the user considers that any directory is safe.

Read More

bettercap-2.28-9.fc34 chisel-1.7.7-2.fc34 commit-stream-0.1.2-6.fc34 containerd-1.6.2-3.fc34 gobuster-3.1.0-2.fc34 golang-contrib-opencensus-resource-0.1.2-6.fc34 golang-gioui-0-7.20201225git18d4dbf.fc34 golang-github-appc-docker2aci-0.17.2-8.fc34 golang-github-appc-goaci-0.1.1-10.fc34 golang-github-appc-spec-0.8.11-13.fc34 golang-github-containerd-continuity-0.2.2-2.fc34 golang-github-containerd-stargz-snapshotter-0.7.0-4.fc34 golang-github-coredns-corefile-migration-1.0.11-5.fc34 golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc34 golang-github-francoispqt-gojay-1.2.13-6.fc34 golang-github-gogo-googleapis-1.4.1-3.fc34 golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc34 golang-github-google-containerregistry-0.5.1-4.fc34 golang-github-google-slothfs-0-0.10.20200727git59c1163.fc34 golang-github-googleapis-gnostic-0.5.3-5.fc34 golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc34 golang-github-instrumenta-kubeval-0.15.0-7.fc34 golang-github-intel-goresctrl-0.2.0-4.fc34 golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc34 golang-github-pact-foundation-1.5.1-5.fc34 golang-github-prometheus-2.32.1-4.fc34 golang-github-prometheus-alertmanager-0.23.0-8.fc34 golang-github-prometheus-node-exporter-1.3.1-7.fc34 golang-github-prometheus-tsdb-0.10.0-6.fc34 golang-github-redteampentesting-monsoon-0.6.0-5.fc34 golang-github-spf13-cobra-1.4.0-2.fc34 golang-github-theupdateframework-notary-0.7.0-4.fc34 golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc34 golang-gopkg-src-d-git-4-4.13.1-7.fc34 golang-k8s-apiextensions-apiserver-1.22.0-5.fc34 golang-k8s-code-generator-1.22.0-3.fc34 golang-k8s-kube-aggregator-1.22.0-3.fc34 golang-k8s-sample-apiserver-1.22.0-4.fc34 golang-k8s-sample-controller-1.22.0-3.fc34 golang-mongodb-mongo-driver-1.4.5-5.fc34 golang-storj-drpc-0.0.16-5.fc34 golang-x-perf-0-0.14.20210123gitbdcc622.fc34 grpcurl-1.8.6-2.fc34 onionscan-0.2-6.fc34 shellz-1.5.0-6.fc34 shhgit-0.2-6.fc34 snowcrash-0-0.6.20201119git49b99ad.fc34 xq-0.0.7-3.fc34

Read Time:2 Minute, 4 Second

FEDORA-2022-5cbd6de569

Packages in this update:

bettercap-2.28-9.fc34
chisel-1.7.7-2.fc34
commit-stream-0.1.2-6.fc34
containerd-1.6.2-3.fc34
gobuster-3.1.0-2.fc34
golang-contrib-opencensus-resource-0.1.2-6.fc34
golang-gioui-0-7.20201225git18d4dbf.fc34
golang-github-appc-docker2aci-0.17.2-8.fc34
golang-github-appc-goaci-0.1.1-10.fc34
golang-github-appc-spec-0.8.11-13.fc34
golang-github-containerd-continuity-0.2.2-2.fc34
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc34
golang-github-coredns-corefile-migration-1.0.11-5.fc34
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc34
golang-github-francoispqt-gojay-1.2.13-6.fc34
golang-github-gogo-googleapis-1.4.1-3.fc34
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc34
golang-github-googleapis-gnostic-0.5.3-5.fc34
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc34
golang-github-google-containerregistry-0.5.1-4.fc34
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc34
golang-github-instrumenta-kubeval-0.15.0-7.fc34
golang-github-intel-goresctrl-0.2.0-4.fc34
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc34
golang-github-pact-foundation-1.5.1-5.fc34
golang-github-prometheus-2.32.1-4.fc34
golang-github-prometheus-alertmanager-0.23.0-8.fc34
golang-github-prometheus-node-exporter-1.3.1-7.fc34
golang-github-prometheus-tsdb-0.10.0-6.fc34
golang-github-redteampentesting-monsoon-0.6.0-5.fc34
golang-github-spf13-cobra-1.4.0-2.fc34
golang-github-theupdateframework-notary-0.7.0-4.fc34
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc34
golang-gopkg-src-d-git-4-4.13.1-7.fc34
golang-k8s-apiextensions-apiserver-1.22.0-5.fc34
golang-k8s-code-generator-1.22.0-3.fc34
golang-k8s-kube-aggregator-1.22.0-3.fc34
golang-k8s-sample-apiserver-1.22.0-4.fc34
golang-k8s-sample-controller-1.22.0-3.fc34
golang-mongodb-mongo-driver-1.4.5-5.fc34
golang-storj-drpc-0.0.16-5.fc34
golang-x-perf-0-0.14.20210123gitbdcc622.fc34
grpcurl-1.8.6-2.fc34
onionscan-0.2-6.fc34
shellz-1.5.0-6.fc34
shhgit-0.2-6.fc34
snowcrash-0-0.6.20201119git49b99ad.fc34
xq-0.0.7-3.fc34

Update description:

Rebuild for CVE-2022-27191

Read More

bettercap-2.28-9.fc35 chisel-1.7.7-2.fc35 commit-stream-0.1.2-6.fc35 containerd-1.6.2-2.fc35 doctl-1.73.0-2.fc35 gh-2.7.0-2.fc35 gobuster-3.1.0-2.fc35 golang-contrib-opencensus-resource-0.1.2-6.fc35 golang-gioui-0-7.20201225git18d4dbf.fc35 golang-github-appc-docker2aci-0.17.2-8.fc35 golang-github-appc-goaci-0.1.1-10.fc35 golang-github-appc-spec-0.8.11-13.fc35 golang-github-containerd-continuity-0.2.2-2.fc35 golang-github-containerd-stargz-snapshotter-0.7.0-4.fc35 golang-github-coredns-corefile-migration-1.0.11-5.fc35 golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc35 golang-github-francoispqt-gojay-1.2.13-6.fc35 golang-github-gogo-googleapis-1.4.1-3.fc35 golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc35 golang-github-google-slothfs-0-0.10.20200727git59c1163.fc35 golang-github-googleapis-gnostic-0.5.3-5.fc35 golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc35 golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc35 golang-github-haproxytech-client-native-2.5.3-2.fc35 golang-github-haproxytech-dataplaneapi-2.4.4-3.fc35 golang-github-instrumenta-kubeval-0.15.0-7.fc35 golang-github-intel-goresctrl-0.2.0-4.fc35 golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc35 golang-github-pact-foundation-1.5.1-5.fc35 golang-github-prometheus-2.32.1-4.fc35 golang-github-prometheus-alertmanager-0.23.0-8.fc35 golang-github-prometheus-node-exporter-1.3.1-7.fc35 golang-github-redteampentesting-monsoon-0.6.0-5.fc35 golang-github-spf13-cobra-1.4.0-2.fc35 golang-github-theupdateframework-notary-0.7.0-4.fc35 golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc35 golang-gopkg-src-d-git-4-4.13.1-7.fc35 golang-k8s-apiextensions-apiserver-1.22.0-5.fc35 golang-k8s-code-generator-1.22.0-3.fc35 golang-k8s-kube-aggregator-1.22.0-3.fc35 golang-k8s-sample-apiserver-1.22.0-4.fc35 golang-k8s-sample-controller-1.22.0-3.fc35 golang-mongodb-mongo-driver-1.4.5-5.fc35 golang-storj-drpc-0.0.16-5.fc35 golang-x-perf-0-0.14.20210123gitbdcc622.fc35 gopass-1.13.1-2.fc35 grpcurl-1.8.6-2.fc35 onionscan-0.2-6.fc35 shellz-1.5.0-6.fc35 shhgit-0.2-6.fc35 snowcrash-0-0.6.20201119git49b99ad.fc35 xq-0.0.7-3.fc35

Read Time:2 Minute, 13 Second

FEDORA-2022-3a63897745

Packages in this update:

bettercap-2.28-9.fc35
chisel-1.7.7-2.fc35
commit-stream-0.1.2-6.fc35
containerd-1.6.2-2.fc35
doctl-1.73.0-2.fc35
gh-2.7.0-2.fc35
gobuster-3.1.0-2.fc35
golang-contrib-opencensus-resource-0.1.2-6.fc35
golang-gioui-0-7.20201225git18d4dbf.fc35
golang-github-appc-docker2aci-0.17.2-8.fc35
golang-github-appc-goaci-0.1.1-10.fc35
golang-github-appc-spec-0.8.11-13.fc35
golang-github-containerd-continuity-0.2.2-2.fc35
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc35
golang-github-coredns-corefile-migration-1.0.11-5.fc35
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc35
golang-github-francoispqt-gojay-1.2.13-6.fc35
golang-github-gogo-googleapis-1.4.1-3.fc35
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc35
golang-github-googleapis-gnostic-0.5.3-5.fc35
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc35
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc35
golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc35
golang-github-haproxytech-client-native-2.5.3-2.fc35
golang-github-haproxytech-dataplaneapi-2.4.4-3.fc35
golang-github-instrumenta-kubeval-0.15.0-7.fc35
golang-github-intel-goresctrl-0.2.0-4.fc35
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc35
golang-github-pact-foundation-1.5.1-5.fc35
golang-github-prometheus-2.32.1-4.fc35
golang-github-prometheus-alertmanager-0.23.0-8.fc35
golang-github-prometheus-node-exporter-1.3.1-7.fc35
golang-github-redteampentesting-monsoon-0.6.0-5.fc35
golang-github-spf13-cobra-1.4.0-2.fc35
golang-github-theupdateframework-notary-0.7.0-4.fc35
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc35
golang-gopkg-src-d-git-4-4.13.1-7.fc35
golang-k8s-apiextensions-apiserver-1.22.0-5.fc35
golang-k8s-code-generator-1.22.0-3.fc35
golang-k8s-kube-aggregator-1.22.0-3.fc35
golang-k8s-sample-apiserver-1.22.0-4.fc35
golang-k8s-sample-controller-1.22.0-3.fc35
golang-mongodb-mongo-driver-1.4.5-5.fc35
golang-storj-drpc-0.0.16-5.fc35
golang-x-perf-0-0.14.20210123gitbdcc622.fc35
gopass-1.13.1-2.fc35
grpcurl-1.8.6-2.fc35
onionscan-0.2-6.fc35
shellz-1.5.0-6.fc35
shhgit-0.2-6.fc35
snowcrash-0-0.6.20201119git49b99ad.fc35
xq-0.0.7-3.fc35

Update description:

Rebuild for CVE-2022-27191

Read More

bettercap-2.28-9.fc36 chisel-1.7.7-2.fc36 commit-stream-0.1.2-6.fc36 containerd-1.6.2-2.fc36 doctl-1.73.0-2.fc36 git-time-metric-1.3.5-14.fc36 gobuster-3.1.0-2.fc36 golang-contrib-opencensus-resource-0.1.2-6.fc36 golang-gioui-0-7.20201225git18d4dbf.fc36 golang-github-acme-lego-4.4.0-4.fc36 golang-github-appc-docker2aci-0.17.2-8.fc36 golang-github-appc-goaci-0.1.1-10.fc36 golang-github-appc-spec-0.8.11-13.fc36 golang-github-cloudflare-redoctober-0-0.10.20210114git99c99a8.fc36 golang-github-cockroachdb-pebble-0-0.7.20210108git48f5530.fc36 golang-github-containerd-continuity-0.2.2-2.fc36 golang-github-containerd-stargz-snapshotter-0.7.0-4.fc36 golang-github-coredns-corefile-migration-1.0.11-5.fc36 golang-github-cucumber-godog-0.12.1-3.fc36 golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc36 golang-github-francoispqt-gojay-1.2.13-6.fc36 golang-github-gogo-googleapis-1.4.1-3.fc36 golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc36 golang-github-google-containerregistry-0.5.1-4.fc36 golang-github-google-slothfs-0-0.10.20200727git59c1163.fc36 golang-github-googleapis-gnostic-0.5.3-5.fc36 golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc36 golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc36 golang-github-haproxytech-client-native-2.5.3-2.fc36 golang-github-haproxytech-dataplaneapi-2.4.4-3.fc36 golang-github-instrumenta-kubeval-0.15.0-7.fc36 golang-github-intel-goresctrl-0.2.0-4.fc36 golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc36 golang-github-pact-foundation-1.5.1-5.fc36 golang-github-prometheus-2.32.1-4.fc36 golang-github-prometheus-alertmanager-0.23.0-8.fc36 golang-github-prometheus-node-exporter-1.3.1-7.fc36 golang-github-prometheus-tsdb-0.10.0-6.fc36 golang-github-redteampentesting-monsoon-0.6.0-5.fc36 golang-github-spf13-cobra-1.4.0-2.fc36 golang-github-theupdateframework-notary-0.7.0-4.fc36 golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc36 golang-gopkg-src-d-git-4-4.13.1-7.fc36 golang-k8s-apiextensions-apiserver-1.22.0-5.fc36 golang-k8s-code-generator-1.22.0-3.fc36 golang-k8s-kube-aggregator-1.22.0-3.fc36 golang-k8s-kube-openapi-0-0.20.20210813git3c81807.fc36 golang-k8s-sample-apiserver-1.22.0-4.fc36 golang-k8s-sample-controller-1.22.0-3.fc36 golang-mongodb-mongo-driver-1.4.5-5.fc36 golang-storj-drpc-0.0.16-5.fc36 golang-x-debug-0-0.13.20210123gitc934e1b.fc36 golang-x-exp-0-0.42.20220330git053ad81.fc36 golang-x-perf-0-0.14.20210123gitbdcc622.fc36 gopass-1.13.1-2.fc36 grpcurl-1.8.6-2.fc36 onionscan-0.2-6.fc36 open-policy-agent-0.31.0-4.fc36 shellz-1.5.0-6.fc36 shhgit-0.2-6.fc36 snowcrash-0-0.6.20201119git49b99ad.fc36 xq-0.0.7-3.fc36

Read Time:2 Minute, 42 Second

FEDORA-2022-08ae2dd481

Packages in this update:

bettercap-2.28-9.fc36
chisel-1.7.7-2.fc36
commit-stream-0.1.2-6.fc36
containerd-1.6.2-2.fc36
doctl-1.73.0-2.fc36
git-time-metric-1.3.5-14.fc36
gobuster-3.1.0-2.fc36
golang-contrib-opencensus-resource-0.1.2-6.fc36
golang-gioui-0-7.20201225git18d4dbf.fc36
golang-github-acme-lego-4.4.0-4.fc36
golang-github-appc-docker2aci-0.17.2-8.fc36
golang-github-appc-goaci-0.1.1-10.fc36
golang-github-appc-spec-0.8.11-13.fc36
golang-github-cloudflare-redoctober-0-0.10.20210114git99c99a8.fc36
golang-github-cockroachdb-pebble-0-0.7.20210108git48f5530.fc36
golang-github-containerd-continuity-0.2.2-2.fc36
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc36
golang-github-coredns-corefile-migration-1.0.11-5.fc36
golang-github-cucumber-godog-0.12.1-3.fc36
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc36
golang-github-francoispqt-gojay-1.2.13-6.fc36
golang-github-gogo-googleapis-1.4.1-3.fc36
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc36
golang-github-googleapis-gnostic-0.5.3-5.fc36
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc36
golang-github-google-containerregistry-0.5.1-4.fc36
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc36
golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc36
golang-github-haproxytech-client-native-2.5.3-2.fc36
golang-github-haproxytech-dataplaneapi-2.4.4-3.fc36
golang-github-instrumenta-kubeval-0.15.0-7.fc36
golang-github-intel-goresctrl-0.2.0-4.fc36
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc36
golang-github-pact-foundation-1.5.1-5.fc36
golang-github-prometheus-2.32.1-4.fc36
golang-github-prometheus-alertmanager-0.23.0-8.fc36
golang-github-prometheus-node-exporter-1.3.1-7.fc36
golang-github-prometheus-tsdb-0.10.0-6.fc36
golang-github-redteampentesting-monsoon-0.6.0-5.fc36
golang-github-spf13-cobra-1.4.0-2.fc36
golang-github-theupdateframework-notary-0.7.0-4.fc36
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc36
golang-gopkg-src-d-git-4-4.13.1-7.fc36
golang-k8s-apiextensions-apiserver-1.22.0-5.fc36
golang-k8s-code-generator-1.22.0-3.fc36
golang-k8s-kube-aggregator-1.22.0-3.fc36
golang-k8s-kube-openapi-0-0.20.20210813git3c81807.fc36
golang-k8s-sample-apiserver-1.22.0-4.fc36
golang-k8s-sample-controller-1.22.0-3.fc36
golang-mongodb-mongo-driver-1.4.5-5.fc36
golang-storj-drpc-0.0.16-5.fc36
golang-x-debug-0-0.13.20210123gitc934e1b.fc36
golang-x-exp-0-0.42.20220330git053ad81.fc36
golang-x-perf-0-0.14.20210123gitbdcc622.fc36
gopass-1.13.1-2.fc36
grpcurl-1.8.6-2.fc36
onionscan-0.2-6.fc36
open-policy-agent-0.31.0-4.fc36
shellz-1.5.0-6.fc36
shhgit-0.2-6.fc36
snowcrash-0-0.6.20201119git49b99ad.fc36
xq-0.0.7-3.fc36

Update description:

Rebuild for CVE-2022-27191

Fix FTBFS Close: rhbz#2045471

Read More

git-2.35.3-1.fc35

Read Time:50 Second

FEDORA-2022-3759ebabd2

Packages in this update:

git-2.35.3-1.fc35

Update description:

Update to 2.35.3 (release notes)

This release addresses CVE-2022-24765. Per the release announcement:

On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in C:.git, in a mounted network drive or in a scratch space. Merely having a Git-aware prompt that runs git status (or git diff) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user.

A broad “escape hatch” is available in cases where all the repositories you may enter are considered safe, regardless of their ownership. Quoting another release announcement:

* can be used as the value for the safe.directory variable to signal that the user considers that any directory is safe.

Read More

bettercap-2.28-9.fc37 chisel-1.7.7-2.fc37 commit-stream-0.1.2-6.fc37 containerd-1.6.2-2.fc37 doctl-1.73.0-2.fc37 gh-2.7.0-2.fc37 git-time-metric-1.3.5-14.fc37 gobuster-3.1.0-2.fc37 golang-contrib-opencensus-resource-0.1.2-6.fc37 golang-gioui-0-7.20201225git18d4dbf.fc37 golang-github-acme-lego-4.4.0-4.fc37 golang-github-appc-docker2aci-0.17.2-8.fc37 golang-github-appc-goaci-0.1.1-10.fc37 golang-github-appc-spec-0.8.11-13.fc37 golang-github-cloudflare-redoctober-0-0.10.20210114git99c99a8.fc37 golang-github-cockroachdb-pebble-0-0.7.20210108git48f5530.fc37 golang-github-containerd-continuity-0.2.2-2.fc37 golang-github-containerd-stargz-snapshotter-0.7.0-4.fc37 golang-github-coredns-corefile-migration-1.0.11-5.fc37 golang-github-cucumber-godog-0.12.1-3.fc37 golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc37 golang-github-francoispqt-gojay-1.2.13-6.fc37 golang-github-gogo-googleapis-1.4.1-3.fc37 golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc37 golang-github-google-containerregistry-0.5.1-4.fc37 golang-github-google-slothfs-0-0.10.20200727git59c1163.fc37 golang-github-googleapis-gnostic-0.5.3-5.fc37 golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc37 golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc37 golang-github-haproxytech-client-native-2.5.3-2.fc37 golang-github-haproxytech-dataplaneapi-2.4.4-3.fc37 golang-github-instrumenta-kubeval-0.15.0-7.fc37 golang-github-intel-goresctrl-0.2.0-4.fc37 golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc37 golang-github-pact-foundation-1.5.1-5.fc37 golang-github-prometheus-2.32.1-4.fc37 golang-github-prometheus-alertmanager-0.23.0-8.fc37 golang-github-prometheus-node-exporter-1.3.1-7.fc37 golang-github-prometheus-tsdb-0.10.0-6.fc37 golang-github-redteampentesting-monsoon-0.6.0-5.fc37 golang-github-spf13-cobra-1.4.0-2.fc37 golang-github-theupdateframework-notary-0.7.0-4.fc37 golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc37 golang-gopkg-src-d-git-4-4.13.1-7.fc37 golang-k8s-apiextensions-apiserver-1.22.0-5.fc37 golang-k8s-code-generator-1.22.0-3.fc37 golang-k8s-kube-aggregator-1.22.0-3.fc37 golang-k8s-kube-openapi-0-0.20.20210813git3c81807.fc37 golang-k8s-sample-apiserver-1.22.0-4.fc37 golang-k8s-sample-controller-1.22.0-3.fc37 golang-mongodb-mongo-driver-1.4.5-5.fc37 golang-storj-drpc-0.0.16-5.fc37 golang-x-debug-0-0.13.20210123gitc934e1b.fc37 golang-x-exp-0-0.42.20220330git053ad81.fc37 golang-x-perf-0-0.14.20210123gitbdcc622.fc37 gopass-1.13.1-2.fc37 grpcurl-1.8.6-2.fc37 onionscan-0.2-6.fc37 open-policy-agent-0.31.0-4.fc37 shellz-1.5.0-6.fc37 shhgit-0.2-6.fc37 snowcrash-0-0.6.20201119git49b99ad.fc37 xq-0.0.7-3.fc37

Read Time:2 Minute, 42 Second

FEDORA-2022-aa33c22e7a

Packages in this update:

bettercap-2.28-9.fc37
chisel-1.7.7-2.fc37
commit-stream-0.1.2-6.fc37
containerd-1.6.2-2.fc37
doctl-1.73.0-2.fc37
gh-2.7.0-2.fc37
git-time-metric-1.3.5-14.fc37
gobuster-3.1.0-2.fc37
golang-contrib-opencensus-resource-0.1.2-6.fc37
golang-gioui-0-7.20201225git18d4dbf.fc37
golang-github-acme-lego-4.4.0-4.fc37
golang-github-appc-docker2aci-0.17.2-8.fc37
golang-github-appc-goaci-0.1.1-10.fc37
golang-github-appc-spec-0.8.11-13.fc37
golang-github-cloudflare-redoctober-0-0.10.20210114git99c99a8.fc37
golang-github-cockroachdb-pebble-0-0.7.20210108git48f5530.fc37
golang-github-containerd-continuity-0.2.2-2.fc37
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc37
golang-github-coredns-corefile-migration-1.0.11-5.fc37
golang-github-cucumber-godog-0.12.1-3.fc37
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc37
golang-github-francoispqt-gojay-1.2.13-6.fc37
golang-github-gogo-googleapis-1.4.1-3.fc37
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc37
golang-github-googleapis-gnostic-0.5.3-5.fc37
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc37
golang-github-google-containerregistry-0.5.1-4.fc37
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc37
golang-github-grpc-ecosystem-gateway-2-2.7.3-3.fc37
golang-github-haproxytech-client-native-2.5.3-2.fc37
golang-github-haproxytech-dataplaneapi-2.4.4-3.fc37
golang-github-instrumenta-kubeval-0.15.0-7.fc37
golang-github-intel-goresctrl-0.2.0-4.fc37
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc37
golang-github-pact-foundation-1.5.1-5.fc37
golang-github-prometheus-2.32.1-4.fc37
golang-github-prometheus-alertmanager-0.23.0-8.fc37
golang-github-prometheus-node-exporter-1.3.1-7.fc37
golang-github-prometheus-tsdb-0.10.0-6.fc37
golang-github-redteampentesting-monsoon-0.6.0-5.fc37
golang-github-spf13-cobra-1.4.0-2.fc37
golang-github-theupdateframework-notary-0.7.0-4.fc37
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc37
golang-gopkg-src-d-git-4-4.13.1-7.fc37
golang-k8s-apiextensions-apiserver-1.22.0-5.fc37
golang-k8s-code-generator-1.22.0-3.fc37
golang-k8s-kube-aggregator-1.22.0-3.fc37
golang-k8s-kube-openapi-0-0.20.20210813git3c81807.fc37
golang-k8s-sample-apiserver-1.22.0-4.fc37
golang-k8s-sample-controller-1.22.0-3.fc37
golang-mongodb-mongo-driver-1.4.5-5.fc37
golang-storj-drpc-0.0.16-5.fc37
golang-x-debug-0-0.13.20210123gitc934e1b.fc37
golang-x-exp-0-0.42.20220330git053ad81.fc37
golang-x-perf-0-0.14.20210123gitbdcc622.fc37
gopass-1.13.1-2.fc37
grpcurl-1.8.6-2.fc37
onionscan-0.2-6.fc37
open-policy-agent-0.31.0-4.fc37
shellz-1.5.0-6.fc37
shhgit-0.2-6.fc37
snowcrash-0-0.6.20201119git49b99ad.fc37
xq-0.0.7-3.fc37

Update description:

Rebuild for CVE-2022-27191

Read More

git-2.36.0-1.fc36

Read Time:51 Second

FEDORA-2022-e99ae504f5

Packages in this update:

git-2.36.0-1.fc36

Update description:

Update to 2.36.0 (release notes)

Among the changes, this release includes changes to address CVE-2022-24765. Per the release announcement:

On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in C:.git, in a mounted network drive or in a scratch space. Merely having a Git-aware prompt that runs git status (or git diff) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user.

A broad “escape hatch” is available in cases where all the repositories you may enter are considered safe, regardless of their ownership. Quoting another release announcement:

* can be used as the value for the safe.directory variable to signal that the user considers that any directory is safe.

Read More

CVE-2020-13495

Read Time:20 Second

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file.

Read More