FEDORA-2022-280ac942be
Packages in this update:
mingw-SDL2_ttf-2.0.18-3.fc36
Update description:
Security fix for CVE-2022-27470
mingw-SDL2_ttf-2.0.18-3.fc36
Security fix for CVE-2022-27470
firefox-100.0-2.fc34
Fixed h.264 video playback over va-api (https://bugzilla.mozilla.org/show_bug.cgi?id=1762725)
New upstream version (100.0)
FortiGuard Labs is aware of a new ransomware variant called “Black Basta” discovered in the wild. The ransomware employs a double-extortion tactic in which it encrypts files and exfiltrates confidential information from the victim, then demands a ransom for decrypting the affected files and threatens to publicize the exfiltrated data if a ransom is not paid.Black Basta ransomware is reported to have victimized several organizations in multiple countries.Why is this Significant?This is significant because Black Basta is a new ransomware that is reported to have victimized several organizations in multiple countries.What is Black Basta ransomware?Black Basta is a new ransomware that demands ransom from the victim for decrypting victim’s files it encrypted and not to release the stolen data to the public.Black Basta ransomware deletes shadow copies from the compromised machine, which prevents the victim from being able to recover any files that have been encrypted. The ransomware also replaces the desktop wallpaper with an image with a black background that has the following ransom message:Your network is encrypted by the Black Basta group.Instructions in the filereadme.txt.The ransomware then will then restart the compromised machine in safe mode with the Windows Fax service running. After the reboot, the service launches the ransomware in order to start encrypting files. Files that are encrypted by Black Basta ransomware have “.basta” file extension and also have the ransomware’s own file icon. Readme.txt, also dropped by the ransomware, contains a ransom note to instruct the victim to use a specific TOR address to contact the attacker.What does the Windows Fax service have to do with this? Is it Vulnerable?The Windows Fax Service is not vulnerable. The Windows Fax service is attacked to maintain persistence and in this variant of Black Basta, it is hijacking an existing service name (in this case Windows Fax), deleting it, and spawning a new service with the same name.What is the Status of Coverage?FortiGuard Labs provides the following AV coverage against known samples of Black Basta ransomware: W32/Filecoder.OKW!tr W32/Kryptik.HPHI!trW32/Filecoder.OKT!trW32/Filecoder.OKW!tr.ransomW32/Filecoder.OKT!tr.ransomW32/Malicious_Behavior.VEX
seamonkey-2.53.12-1.el7
Update to 2.53.12
For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking .
Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use other Linux distro, but that distro does not provide SeaMonkey yet, you can recommend it for them.
seamonkey-2.53.12-1.el8
Update to 2.53.12
For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking .
Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use other Linux distro, but that distro does not provide SeaMonkey yet, you can recommend it for them.
seamonkey-2.53.12-1.fc34
Update to 2.53.12
For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking .
Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use other Linux distro, but that distro does not provide SeaMonkey yet, you can recommend it for them.
seamonkey-2.53.12-1.fc35
Update to 2.53.12
For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking .
Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use other Linux distro, but that distro does not provide SeaMonkey yet, you can recommend it for them.
seamonkey-2.53.12-1.fc36
Update to 2.53.12
For compatibility with modern sites the default version of Firefox for the User-Agent string has now been set to 78.0 . The value can be changed in Preferences–>Advanced–>HTTP Networking .
Note that besides the ordinary builds for the current Fedora and EPEL branches, there is an additional distro-independed build available at https://buc.fedorapeople.org/seamonkey . So if you have friends who use other Linux distro, but that distro does not provide SeaMonkey yet, you can recommend it for them.
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, information disclosure or spoofing.
NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and _partition functions. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.