Security bug-fixes in git

May 20, 2024

The Git project released new security bug-fix versions on May 14th, 2024: v2.45.1, v2.44.1, v2.43.4, v2.42.2, v2.41.1, v2.40.2, and v2.39.4: CVE-2024-32002: https://nvd.nist.gov/vuln/detail/CVE-2024-32002 CVE-2024-32004: https://nvd.nist.gov/vuln/detail/CVE-2024-32004...

read more

EGI CSIRT Cybersecurity report for 2023

May 6, 2024

In 2023, EGI CSIRT has significantly increased the efforts to strengthen global collaboration. We recognise the value of shared knowledge and unified defence strategies. Our engagement has expanded beyond the Worldwide LHC Computing Grid (WLCG) organisations,...

read more

High risk kernel vulnerabilities in RHEL9

Apr 25, 2024

There are a large number of CVE’s patched in this RHEL9 release, we have identified the 3 listed above as ‘HIGH’ risk according to our criteria (CVE-2023-6817, CVE-2024-0193, CVE-2024-0646). We have not investigated all the CVE’s in detail, and there is the...

read more

High risk kernel vulnerabilities

Apr 19, 2024

Redhat has released a new kernel, which includes fixes for some high risk vulnerabilities that effect RHEL 8, but also RHEL 7 and 9. CVE ID/CVSS Score : CVE-2023-4623/7.8 Affecting RHEL7, RHEL8, and RHEL9 CVE ID/CVSS Score : CVE-2023-4921/7.8 Affecting RHEL7 and RHEL8...

read more

High vulnerability in Lustre: CVE-2023-51786

Apr 18, 2024

There is a vulnerability in Lustre where users may gain access to files and/or folders which they should not have permission to access based on their user or group ID. This may lead to data compromise or possible privilege escalation. Please see...

read more

PuTTY vulnerability vuln-p521-bias

Apr 17, 2024

PuTTY tools from 0.68 to 0.80 inclusive have a critical vulnerability in the code that generates signatures from ECDSA private keys which use the NIST P521 curve. PuTTY, or Pageant, generates a signature from a key when using it to authenticate you to an SSH server.)...

read more
Trusted Introducer