Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

BIT-GOLANG-2021-27918

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader for xml.NewTokenDecoder returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method...

CVE-2023-37475

CVE-2023-37475 affects the Go library hamba/avro, where a crafted string passed to Unmarshal() can trigger uncontrolled memory allocation, leading to denial of service. Root cause: the Unmarshal() path uses input data to size allocations, allowing memory exhaustion and potential crash. A fix is i...

Security Bulletin: CVE-2022-27664, CVE-2022-21698, CVE-2021-43565 and CVE-2022-27191 may affect IBM CICS TX Standard

Summary Multiple CVEs CVE-2022-27664, CVE-2022-21698, CVE-2021-43565 and CVE-2022-27191 may affect IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVEs. Relevant Go related packages have been upgraded. Vulnerability Details CVEID:CVE-2022-27664 DESCRIPTION: Golang Go is...

CVE-2022-32148

Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the...

[SECURITY] Fedora 35 Update: deepin-api-5.4.11-4.fc35

Go-lang bingding for dde-daemon...

[SECURITY] Fedora 36 Update: golang-github-google-martian-3.1.0-9.fc36

Martian Proxy is a programmable HTTP proxy designed to be used for testing. Martian is a great tool to use if you want to: - Verify that all or some subset of requests are secure - Mock external services at the network layer - Inject headers, modify cookies or perform other mutations of HTTP...

[SECURITY] Fedora 30 Update: deepin-api-3.17.0-2.fc30

Go-lang bingding for dde-daemon...

Fedora Update for deepin-api FEDORA-2019-c25a0e7032

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated golang packages fix security vulnerability

A flaw was found in Go Lang. The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path get/vcs.go only checks for "://" anywhere in the string, which allows remote attackers to execute arbitrary OS commands via a crafted web site...

MGASA-2018-0238 Updated golang packages fix security vulnerability

A flaw was found in Go Lang. The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path get/vcs.go only checks for "://" anywhere in the string, which allows remote attackers to execute arbitrary OS commands via a crafted web site...

Honeybits - A Simple Tool Designed To Enhance The Effectiveness Of Your Traps By Spreading Breadcrumbs & Honeytokens Across Your Systems

A simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your production servers and workstations to lure the attacker toward your honeypots. Author: Adel "0x4D31" Karimi. Background The problem with the traditional implementation of honeypot...