4420 matches found
[SECURITY] Fedora 32 Update: kernel-tools-5.9.7-100.fc32
This package contains the tools/ directory from the kernel source and the supporting documentation...
[SECURITY] Fedora 33 Update: kernel-tools-5.9.7-200.fc33
This package contains the tools/ directory from the kernel source and the supporting documentation...
GoCD: XSS In https://docs.gocd.org/current/
Searches on docs.gocd.org were subject to a client-side XSS issue...
Leonidas - Automated Attack Simulation In The Cloud, Complete With Detection Use Cases
Leonidas is a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures TTPs and their associated detection properties. These definitions can then be compiled into: A web API exposing each test case as an...
openGauss: Documenting Extensions
All installed extensions must be documented. You need to carefully check any unidentified extensions. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Default configuration
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at...
bind security, bug fix, and enhancement update
32:9.11.20-5 - Fix tsig-request verify CVE-2020-8622 - Prevent PKCS11 daemon crash on crafted packet CVE-2020-8623 - Correct update-policy type subdomain to match documentation CVE-2020-8624 - Include available test 32:9.11.20-4 - Prevent crash on dstlib initialization failure 1859454 32:9.11.20-...
systemd security, bug fix, and enhancement update
239-40.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...
ShowStopper - Anti-Debug tricks exploration tool
The ShowStopper project is a tool to help malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods. With this tool, you can attach a debugger to its process and research the debugger’s behavior for the...
Unexpected panic in multihash `from_slice` parsing code
In versions prior 0.11.3 it's possible to make fromslice panic by feeding it certain malformed input. It's never documented that fromslice and frombytes which wraps it can panic, and its' return type Result suggests otherwise. In practice, fromslice/frombytes is frequently used in networking code...
pwntools
This is an open-source repository for the pwntools project, a Python library for reverse engineering and exploitation. The repository contains various files and workflows for contributing to the project, including issue templates, pull request templates, and workflows for continuous integration a...
Moderate: python3 security and bug fix update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Fedora 32 : 2:samba / krb5 (2020-939681213a)
KRB5 : - Cross-realm s4u fixes for samba 1836630 - Drop unnecessary conflict with openssl-libs = 3.0.0 - Unify kvno option documentation - Use systemctl reload to HUP the KDC during logrotate SAMBA : - Support S4U operations for Samba AD DC 1836630 - Fix lookup of users and groups when realm used...
APICheck - The DevSecOps Toolset For REST APIs
APICheck is a complete toolset designed and created for testing REST APIs. Why APICheck APICheck focuses not only in the security testing and hacking use cases. The goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed to diverse users profiles: Developers...
[SECURITY] Fedora 31 Update: python2-2.7.18-6.fc31
Python 2 is an old version of the language that is incompatible with the 3.x line of releases. The language is mostly the same, but many details, especi ally how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been...
Rapid7 Announces Improvements to Goals and SLAs in InsightVM
We know that proving the efficacy of your vulnerability management program is no easy task. But with the Goals and SLAs feature in InsightVM, you can ensure you’re making and tracking progress toward your goals and service-level agreements SLAs at an appropriate place, as well as maintaining...
TASER - Python3 Resource Library For Creating Security Related Tooling
TASER T esting A nd SE ecurity R esource is a Python resource library used to simplify the process of creating offensive security tooling, especially those relating to web or external assessments. It's modular design makes it easy for code to be customized and re-purposed in a variety of scenario...
Fedora 33 : 1:livecd-tools / createrepo_c / dnf-plugins-core / etc (2020-b40fc174b5)
createrepoc 0.16.1 - Update to 0.16.1 - Add the section number to the manual pages - Parse xml snippet in smaller parts RhBug:1859689 - Add module metadata support to createrepoc RhBug:1795936 librepo 1.12.1 - Update to 1.12.1 - Validate path read from repomd.xml RhBug:1868639 libdnf 0.54.2 -...
Unspecified Vulnerability in GNU C Library (CNVD-2021-26206)
The GNU C Library glibc, libc6 is an open-source, free C language compiler released under the LGPL license.Library is one of the libraries. A security vulnerability exists in the GNU C Library aka glibc versions prior to 2.2. The vulnerability stems from a missing statement about the unspecified...
Scientific Linux Security Update : python on SL7.x x86_64 (20201001)
Security Fixes : - python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid141713; scriptversion"1.3";...