CVE-2023-28320 affecting package rust for versions less than 1.72.0-2

CVE-2023-28320 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2023-27537 affecting package rust for versions less than 1.72.0-2

CVE-2023-27537 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2023-23915 affecting package rust for versions less than 1.72.0-2

CVE-2023-23915 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2023-22466 affecting package rust for versions less than 1.72.0-2

CVE-2023-22466 affecting package rust for versions less than 1.72.0-2. This CVE either no longer is or was never applicable...

CVE-2023-27533 affecting package rust for versions less than 1.72.0-2

CVE-2023-27533 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2023-27538 affecting package rust for versions less than 1.72.0-2

CVE-2023-27538 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

CVE-2022-4450 affecting package rust for versions less than 1.72.0-2

CVE-2022-4450 affecting package rust for versions less than 1.72.0-2. This CVE either no longer is or was never applicable...

[SECURITY] Fedora 38 Update: rust-aes-gcm-0.10.3-1.fc38

Pure Rust implementation of the AES-GCM Galois/Counter Mode Authenticated Encryption with Associated Data AEAD Cipher with optional architecture-specific hardware acceleration...

[SECURITY] Fedora 38 Update: rust-tokio-tungstenite-0.20.1-1.fc38

Tokio binding for Tungstenite, the Lightweight stream-based WebSocket implementation...

[SECURITY] Fedora 37 Update: rust-aes-gcm-0.10.3-1.fc37

Pure Rust implementation of the AES-GCM Galois/Counter Mode Authenticated Encryption with Associated Data AEAD Cipher with optional architecture-specific hardware acceleration...

[SECURITY] Fedora 39 Update: rust-aes-gcm-0.10.3-1.fc39

Pure Rust implementation of the AES-GCM Galois/Counter Mode Authenticated Encryption with Associated Data AEAD Cipher with optional architecture-specific hardware acceleration...

Fedora: Security Advisory for virtiofsd (FEDORA-2023-c19aaa2283)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: rust-tokio-tungstenite-0.20.1-1.fc39

Tokio binding for Tungstenite, the Lightweight stream-based WebSocket implementation...

[SECURITY] Fedora 39 Update: rust-axum-0.6.20-1.fc39

Web framework that focuses on ergonomics and modularity...

New security features in Windows 11 protect users and empower IT

While attacks are getting more sophisticated, so are our defenses. With recent innovations like secured-core PCs that are 60 percent more resilient to malware than non-secured-core PCs,1 and the Microsoft Pluton Security Processor that adds more protection by isolating sensitive data like...

RUSTSEC-2023-0065 Tungstenite allows remote attackers to cause a denial of service

The Tungstenite crate through 0.20.0 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amoun...

[SECURITY] Fedora 39 Update: virtiofsd-1.7.0-4.fc39

Virtio-fs vhost-user device daemon Rust version...

Fedora: Security Advisory for virtiofsd (FEDORA-2023-8e6ae98f81)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-42811

The CVE-2023-42811 issue affects the aes-gcm Rust crate (AES-GCM implementation). In versions before 0.10.3, decrypt_in_place_detached could expose the decrypted plaintext in the buffer after a tag verification failure, potentially enabling CCAs and full plaintext recovery depending on the progra...

CVE-2023-42811 AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...