This Week in Spring - July 26th, 2022

Aloha, Spring fans! Im on vacation, reporting to you from the paradise-like island of Maui, Hawaii, and hoping that youre having a wonderful day! My family and I love Hawaii. Its brimming with beauty and serenity, and while the island of Maui, in the state of Hawaii, is very small, the islands ar...

Malicious code in ddd-demo3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2eac035e89513982d440328e69c5d811c0540172b7b17a393a37b67685b57784 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2381 Malicious code in ddd-demo3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2eac035e89513982d440328e69c5d811c0540172b7b17a393a37b67685b57784 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ddd-demo2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1ab8af553dfe0dea6ad77bf720bc5c510a823dcc00efc0a19f6d7cec226ff1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2379 Malicious code in ddd-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d8f62ef9b886f760d717d97048fb305e00ee0d808ba286afabde024398a2159 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ddd-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d8f62ef9b886f760d717d97048fb305e00ee0d808ba286afabde024398a2159 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2002-2099

The entry concerns CVE-2002-2099 affecting the GNU DataDisplay Debugger (DDD) 3.3.1. The vulnerability is a buffer overflow triggered by a long HOME environment variable, allowing a local user to execute arbitrary code and possibly gain privileges. The root cause is an overflow in DDD’s handling ...

CVE-2002-2099

Buffer overflow in the GNU DataDisplay Debugger DDD 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE...

Linux news 4.12.00

Ядро 2.4.0-test12-pre4 Linus выпустил очередное pre ядро следующего тестового 2.4.0. В нем он добавил патчи от Alan'а Cox'a, включил патч от Stephen Tweedie, исправляющий ошибки в инодах и наложил еще несколько патчей от различных разработчиков ... Подробнее: http://www.kernel.org OpenBSD 2.8 is...