Fresh curl tomorrow will patch 'worst' security flaw in ages | TheRegister ( www.theregister.com )
“Curl 8.4.0 will hit at around 0600 UTC (0800 CEST, 0700 BST, 0200 EST, 2300 PDT) on October 11 and deal with CVE-2023-38545, which affects both libcurl and the curl tool, and CVE-2023-38546, which only affects libcurl…”
CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so | Qualys Security Blog ( blog.qualys.com )
Critical vulnerabilities in Exim threaten over 250k email servers worldwide ( arstechnica.com )
“Remote code execution requiring no authentication fixed. 2 other RCEs remain unpatched…”
Temporary suspension of automatic snap registration following security incident ( forum.snapcraft.io )
“On September 28, 2023, the Snap Store team was notified of a potential security incident. A number of snap users reported several recently published and potentially malicious snaps…”
CVE-2023-38408: REMOTE CODE EXECUTION IN OPENSSH'S FORWARDED SSH-AGENT ( www.qualys.com )
YSK about Wargames ( overthewire.org )
Like choose your-own-ending novels and BASH? What would you do if you suddenly had ssh access to someone else’s server? This is a really fun corner of the net. Excellent resource/trainer/time-waster. When I talk to people from the DIY linux/selfhosting/FOSS communities, many folks haven’t heard of it....