Microsoft Security Update Validation Report August 2022

Microsoft’s August 2022 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing software...

GHSA-2JQ9-6XX7-3H29 `temporary` makes use of uninitialized memory

Uninitialized memory is used as a RNG seed in temporary. This has been resolved in the 0.6.4 release. The crate is not intended to be used outside of a testing environment. For a general purpose crate to create temporary directories, tempfile is an alternative for this crate...

`temporary` makes use of uninitialized memory

Uninitialized memory is used as a RNG seed in temporary. This has been resolved in the 0.6.4 release. The crate is not intended to be used outside of a testing environment. For a general purpose crate to create temporary directories, tempfile is an alternative for this crate...

Kali Linux 2022.3 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2022.3. This release has various impressive updates. The highlights for Kali’s 2022.3’s release: Discord Server - Kali’s new community real-time chat option has launched! Test Lab Environment - Quickly create a test bed to learn, practice, and...

The Race to Secure eBPF for Windows

The Race to Secure eBPF for Windows By Trellix · August 11, 2022 This blog was written by Douglas McKee Innovation often improves functionality and even security; however, adoption starts slow. Adoption often doesn’t increase at a linear rate but at an exponential rate leaving behind attack...

The Race to Secure eBPF for Windows

The Race to Secure eBPF for Windows By Trellix · August 11, 2022 This blog was written by Douglas McKee Innovation often improves functionality and even security; however, adoption starts slow. Adoption often doesn’t increase at a linear rate but at an exponential rate leaving behind attack...

Efficient Infrastructure Testing

Before we start lets set the scene regarding vulnerability assessment. It is imperative that enterprises conduct their own continuous automated scanning, to have up-to-date assessments of threats that their networks may be susceptible to. Infrastructure penetration testing discussed in this blog...

[SECURITY] Fedora 36 Update: subfinder-2.5.2-3.fc36

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing...

[SECURITY] Fedora 36 Update: swig-4.0.2-17.fc36

Simplified Wrapper and Interface Generator SWIG is a software development tool for connecting C, C++ and Objective C programs with a variety of high-level programming languages. SWIG is used with different types of target languages including common scripting languages such as Javascript, Perl, PH...

Fedora: Security Advisory for golang-github-pact-foundation (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-shopify-toxiproxy-2.1.4-11.fc36

Toxiproxy is a framework for simulating network conditions. It's made specifically to work in testing, CI and development environments, supporting deterministic tampering with connections, but with support for randomized chaos and customization. Toxiproxy is the tool you need to prove with tests...

[SECURITY] Fedora 36 Update: golang-github-onsi-ginkgo-2-2.1.4-3.fc36

A Modern Testing Framework for Go...

[SECURITY] Fedora 36 Update: golang-github-pact-foundation-1.5.1-7.fc36

Pact Go enables consumer driven contract testing, providing a mock service and DSL for the consumer project, and interaction playback and verification for t he service provider project...

[SECURITY] Fedora 36 Update: golang-github-mock-1.6.0-4.fc36

GoMock is a mocking framework for the Go programming language. It integrates well with Go's built-in testing package, but can be used in other contexts to o...

[SECURITY] Fedora 36 Update: golang-github-gucumber-0-0.24.20190703git7d5c79e.fc36

An implementation of Cucumber BDD-style testing for Go...

[SECURITY] Fedora 36 Update: golang-github-google-martian-3.1.0-10.fc36

Martian Proxy is a programmable HTTP proxy designed to be used for testing. Martian is a great tool to use if you want to: - Verify that all or some subset of requests are secure - Mock external services at the network layer - Inject headers, modify cookies or perform other mutations of HTTP...

[SECURITY] Fedora 36 Update: golang-github-gohugoio-testmodbuilder-0-0.11.20201030git72e1e0c.fc36

Some helper scripts used for Hugo testing...

[SECURITY] Fedora 36 Update: golang-github-facebookincubator-contest-0-0.5.20210706gitceebc35.fc36

Run continuous and on-demand system testing for real and virtual hardware...

openSUSE: Security Advisory for mozilla-nss (SUSE-SU-2022:2595-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2022:2595-1 Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4: - Makes the PBKDF known answer test compliant with NIST SP800-132. bsc1192079. - FIPS: Add on-demand integrity tests through sftkFIPSRepeatIntegrityCheck...