“Curl 8.4.0 will hit at around 0600 UTC (0800 CEST, 0700 BST, 0200 EST, 2300 PDT) on October 11 and deal with CVE-2023-38545, which affects both libcurl and the curl tool, and CVE-2023-38546, which only affects libcurl…”
Has anyone tried the POC’s for this on their systems? Just curious as to your success rate. I’ve been running 3 slightly difference POC’s for the past 4 days and I’m still yet to drop to root on any of the 3 systems I’m trying on.
“On September 28, 2023, the Snap Store team was notified of a potential security incident. A number of snap users reported several recently published and potentially malicious snaps…”
Like choose your-own-ending novels and BASH? What would you do if you suddenly had ssh access to someone else’s server? This is a really fun corner of the net. Excellent resource/trainer/time-waster. When I talk to people from the DIY linux/selfhosting/FOSS communities, many folks haven’t heard of it....
Joining this community, and my first post.
Hello everyone,...
Fresh curl tomorrow will patch 'worst' security flaw in ages | TheRegister ( www.theregister.com )
“Curl 8.4.0 will hit at around 0600 UTC (0800 CEST, 0700 BST, 0200 EST, 2300 PDT) on October 11 and deal with CVE-2023-38545, which affects both libcurl and the curl tool, and CVE-2023-38546, which only affects libcurl…”
CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so | Qualys Security Blog ( blog.qualys.com )
Critical vulnerabilities in Exim threaten over 250k email servers worldwide ( arstechnica.com )
“Remote code execution requiring no authentication fixed. 2 other RCEs remain unpatched…”
Temporary suspension of automatic snap registration following security incident ( forum.snapcraft.io )
“On September 28, 2023, the Snap Store team was notified of a potential security incident. A number of snap users reported several recently published and potentially malicious snaps…”
CVE-2023-38408: REMOTE CODE EXECUTION IN OPENSSH'S FORWARDED SSH-AGENT ( www.qualys.com )
YSK about Wargames ( overthewire.org )
Like choose your-own-ending novels and BASH? What would you do if you suddenly had ssh access to someone else’s server? This is a really fun corner of the net. Excellent resource/trainer/time-waster. When I talk to people from the DIY linux/selfhosting/FOSS communities, many folks haven’t heard of it....
Can the Number of Federated Instances be Increased for Linux.community please?
At the moment there is slim pickings for other communities to join if this instance is chosen by a user to be their home server....