Read Time:26 Second

FEDORA-2023-25617e952a

Packages in this update:

tpm2-tss-3.2.2-1.fc37

Update description:

Fixed:

A buffer overflow in tss2-rc as CVE-2023-22745.
The drv layer in tss2-rc should have been the policy layer.
Spec deviation in Fapi_GetDescription caused description to be NULL when it should be empty string.
This is API breaking but considered a bug since it deviated from the FAPI spec.
FAPI: undefined reference to curl_url_strerror when using curl less than 7.80.0.

USN-7363-1: PAM-PKCS#11 vulnerabilities

Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS#11 did not properly handle certain return codes when authentication was not possible....

March 20, 2025

A Vulnerability in AMI MegaRAC Software Could Allow for Remote Code Execution

A vulnerability has been discovered in AMI MegaRAC Software, which could allow for remote code execution. MegaRAC is a product...

March 20, 2025

APPLE-SA-03-11-2025-4 visionOS 2.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-4 visionOS 2.3.2 visionOS 2.3.2 addresses the following issues. Information...

March 20, 2025

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2 macOS Sequoia 15.3.2 addresses the following...

March 20, 2025

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2 iOS 18.3.2 and iPadOS...

March 20, 2025

APPLE-SA-03-11-2025-1 Safari 18.3.1

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-1 Safari 18.3.1 Safari 18.3.1 addresses the following issues. Information...

March 20, 2025

BlackLock ransomware: What you need to know

FishMonger APT Group Linked to I-SOON in Espionage Campaigns

Critical GitHub Attack

Rooted Devices 250 Times More Vulnerable to Compromise

Smashing Security podcast #409: Peeping perverts and FBI phone calls

UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate

UK Police Arrest 422 in Major Fraud Crackdown

Over Half a Million Hit by Pennsylvania Schools Union Breach

Supply-chain CAPTCHA attack hits over 100 car dealerships

tpm2-tss-3.2.2-1.fc37

FEDORA-2023-25617e952a

Packages in this update:

Update description:

USN-7363-1: PAM-PKCS#11 vulnerabilities

A Vulnerability in AMI MegaRAC Software Could Allow for Remote Code Execution

APPLE-SA-03-11-2025-4 visionOS 2.3.2

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

APPLE-SA-03-11-2025-1 Safari 18.3.1