
Tag

#linux

Red Hat Security Advisory 2024-6849-03

Red Hat Security Advisory 2024-6849-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a buffer overflow vulnerability.

Packet Storm
Red Hat Security Advisory 2024-6848-03

Red Hat Security Advisory 2024-6848-03 - An update for pcp is now available for Red Hat Enterprise Linux 9. Issues addressed include a heap corruption vulnerability.

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even Google," Chrome product manager Chirag Desai said. The PIN is a six-digit code by default, although it's

Talk of election security is good, but we still need more money to solve the problem

This year, Congress only allocated $55 million in federal grant dollars to states for security and other election improvements.

GHSA-62c8-mh53-4cqv: HTTP client can manipulate custom HTTP headers that are added by Traefik

### Impact

There is a vulnerability in Traefik that allows the client to remove the X-Forwarded headers (except the header X-Forwarded-For).

### Patches

- https://github.com/traefik/traefik/releases/tag/v2.11.9
- https://github.com/traefik/traefik/releases/tag/v3.1.3

### Workarounds

No workaround.

### For more information

If you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).

Original Description:

### Summary

When an HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. An HTTP client should not be able to remove or modify these headers. Since the application trusts the value of these headers, security implications might arise if they can be modified. For HTTP/1.1, however, it was found that some of these custom headers can indeed be removed and in ...

Red Hat Security Advisory 2024-6850-03

Red Hat Security Advisory 2024-6850-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-6843-03

Red Hat Security Advisory 2024-6843-03 - An update for pcp is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a heap corruption vulnerability.

Red Hat Security Advisory 2024-6842-03

Red Hat Security Advisory 2024-6842-03 - An update for pcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a heap corruption vulnerability.

Red Hat Security Advisory 2024-6840-03

Red Hat Security Advisory 2024-6840-03 - An update for pcp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a heap corruption vulnerability.

Red Hat Security Advisory 2024-6839-03

Red Hat Security Advisory 2024-6839-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.