USN-7363-1: PAM-PKCS#11 vulnerabilities

Read Time:24 Second

Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS#11 did not
properly handle certain return codes when authentication was not possible.
An attacker could possibly use this issue to bypass authentication. This
issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-24531)

It was discovered that PAM-PKCS#11 did not require a private key signature
for authentication by default. An attacker could possibly use this issue
to bypass authentication. (CVE-2025-24032)

augeas-1.14.2-0.4.20250324git4dffa3d.fc40

FEDORA-2025-31036092ea Packages in this update: augeas-1.14.2-0.4.20250324git4dffa3d.fc40 Update description: CVE-2025-2588 Read More

March 24, 2025

augeas-1.14.2-0.4.20250324git4dffa3d.fc41

FEDORA-2025-117fe4c81f Packages in this update: augeas-1.14.2-0.4.20250324git4dffa3d.fc41 Update description: CVE-2025-2588 Read More

March 24, 2025

augeas-1.14.2-0.4.20250324git4dffa3d.fc42

FEDORA-2025-6b5c54bd05 Packages in this update: augeas-1.14.2-0.4.20250324git4dffa3d.fc42 Update description: CVE-2025-2588 Read More

March 24, 2025

USN-7365-1: NLTK vulnerabilities

It was discovered that NLTK contained a regex that is susceptible to catastrophic backtracking. An attacker could possibly use this...

March 24, 2025

uriparser-0.9.8-2.el8

FEDORA-EPEL-2025-1f39c6fc05 Packages in this update: uriparser-0.9.8-2.el8 Update description: Update to uriparser-0.9.8. Read More

March 23, 2025

uriparser-0.9.8-2.el10_1

FEDORA-EPEL-2025-7b4e3ab4cf Packages in this update: uriparser-0.9.8-2.el10_1 Update description: Update to uriparser-0.9.8. Read More

March 23, 2025

Authorities Seize 1842 Devices in Africa’s Cybercrime Crackdown

California AG Reminds 23andMe Customers of Data Deletion Rights Amid Bankruptcy Filing

More Countries are Demanding Back-Doors to Encrypted Apps

Teen Boys at Risk of Sextortion as 74% Lack Basic Awareness

Google Account Hijackers Target Victims Via Semrush Ads

The Power of Simplicity: Why LevelBlue’s Partner Program Makes Cybersecurity Easier for MSPs and MSSPs

Friday Squid Blogging: A New Explanation of Squid Camouflage

Arrests in Tap-to-Pay Scheme Powered by Phishing

My Writings Are in the LibGen AI Training Corpus

USN-7363-1: PAM-PKCS#11 vulnerabilities

augeas-1.14.2-0.4.20250324git4dffa3d.fc40

augeas-1.14.2-0.4.20250324git4dffa3d.fc41

augeas-1.14.2-0.4.20250324git4dffa3d.fc42

USN-7365-1: NLTK vulnerabilities

uriparser-0.9.8-2.el8

uriparser-0.9.8-2.el10_1