[SECURITY] Fedora 39 Update: golang-1.21.1-1.fc39

The Go Programming Language...

[SECURITY] Fedora 39 Update: python3.10-3.10.13-1.fc39

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

[SECURITY] Fedora 37 Update: python3-docs-3.11.5-1.fc37

The python3-docs package contains documentation on the Python 3 programming language and interpreter...

[SECURITY] Fedora 37 Update: python3.11-3.11.5-1.fc37

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

Fedora: Security Advisory for python3-docs (FEDORA-2023-3d13b093d2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-36261 · Skopeo · Skopeo

Name of the Vulnerable Software and Affected Versions: skopeo affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.21. The skopeo package has been rebuilt with this security release to address the issue. There is no...

PT-2023-36259 · Go +1 · Go +1

Name of the Vulnerable Software and Affected Versions: rekor affected versions not specified Description: The issue is related to a security release in the Go programming language, specifically version 1.21. The rekor package has been rebuilt with this security release to address the issue. There...

PT-2023-36254 · Google +1 · Go +1

Name of the Vulnerable Software and Affected Versions: amazon-ecs-init affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.21. The update of amazon-ecs-init is intended to address this issue by rebuilding the package wi...

python3.9 security update

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language...

python3.11 security update

An update is available for python3.11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an accessible, high-level, dynamically typed, interpreted...

nodejs:16 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf,"...

Important: Red Hat Security Advisory: rust-toolset-1.66-rust security update

An update for rust-toolset-1.66-rust is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2023:4635 Important: rust-toolset:rhel8 security update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fixes: rust-cargo: cargo does not respect the umask when extracting dependencies CVE-2023-38497 For more details about the security issues, including t...

OESA-2023-1501 golang security update

The Go Programming Language. Security Fixes: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host o...

[SECURITY] Fedora 37 Update: golang-1.19.12-1.fc37

The Go Programming Language...

Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack

By Waqas FortiGuard Labs Reveals Insights into Recent Surge of Cyberattacks Utilizing Rust Programming Language. This is a post from HackRead.com Read the original post: Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack...

[SECURITY] Fedora 38 Update: golang-1.20.7-1.fc38

The Go Programming Language...

python3 security update

CentOS Errata and Security Advisory CESA-2023:3556 An update for python3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVE-2023-37902 Vyper's ecrecover can return undefined data if signature does not verify

Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine EVM. Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means...