Ibhulogi Yesigaba
Iphrojekthi ye-fheroes2 1.1.16 isiyatholakala, edala kabusha injini yegeyimu ye-Heroes of Might kanye ne-Magic II kusukela ekuqaleni. Ikhodi yephrojekthi ibhalwe nge-C++ futhi isakazwa ngaphansi kwelayisensi ye-GPLv2. Ukuze uqalise igeyimu, udinga amafayela anezinsiza zegeyimu, angatholwa kokuthi Amaqhawe Anamandla Oqobo kanye Nomlingo II. Le phrojekthi ihlanganisa umbhalo wokulayisha ngokuzenzakalelayo […]
I-Ad Nihilum 0.4.3 ikhishwe—isevisi encane kakhulu yemiyalezo ebethelwe kusetshenziswa isimiso esithi “funda futhi ushise”, esenzelwe kakhulu ukuzisingatha. Iseva isebenza njengesitoreji sangemuva kuphela. Ukubethela nokususa ukubethela kwenzeka kuphela ohlangothini lweklayenti, kusiphequluli (kusetshenziswa i-AES-GCM). Izici zifaka phakathi ukubethela kwendawo nokususa ukubethela; iseva ayikaze ibone ukhiye; ukwesekwa kwesendlalelo esengeziwe […]
Ulwazi mayelana nokuba sengozini kwesithupha (1, 2-3, 4, 5) seludaluliwe. Lokhu kuba sengozini kuvumela umsebenzisi wendawo ongenamalungelo ukuthi athole amalungelo ezimpande ngokubhala ngaphezulu idatha ku-cache yekhasi. Ukuba sengozini kuqanjwe ngekhodi i-PinTheft. I-prototype exploit iyatholakala. I-CVE identifier ayikanikezwa okwamanje. Ukulungiswa okwamanje kutholakala kuphela njenge-patch, eyanyatheliswa ngoMeyi 5 futhi yamukelwa egatsheni le-netdev ngoMeyi 11, kodwa ayifakiwe ku- […]
Iphrojekthi ye-IncidentRelay ishicilelwe. Yakha uhlelo oluvulekile lokuphathwa kwezingcingo, ukuqondisa izixwayiso, kanye nokuphendula kwezehlakalo, olusebenza kuseva ezizisingatha zona. Le phrojekthi ihloselwe ama-SRE, ama-DevOps, kanye namaqembu engqalasizinda afuna enye indlela engasetshenziswa endaweni yezinsizakalo ze-SaaS zokuphathwa kwezingcingo, izinqubomgomo zokukhulisa, kanye nokuphendula kwezehlakalo. Ikhodi yephrojekthi ibhalwe nge-Python futhi isatshalaliswa ngaphansi kwelayisensi ye-MIT. […]
Enhliziyweni Linux Ubungozi, obubizwa ngokuthi i-ssh-keysign-pwn ngokungafanele, bulungisiwe. Le nkinga ivumela umsebenzisi wendawo, ongenamalungelo okufunda amafayela okufanele atholakale kuphela kumpande, kufaka phakathi okhiye be-SSH abayimfihlo futhi, ezimweni ezithile, /etc/shadow. Ngesikhathi sokushicilelwa, i-CVE ethile yayingakabelwa le nkinga. Naphezu kwegama, lokhu akuyona inkinga ku-OpenSSH njengeseva yenethiwekhi […]
I-ForgeZero 1.9.0 (fz), ithuluzi lokwakha umugqa womyalo wamaphrojekthi abhalwe ngo-C, C++, kanye nezilimi zokuhlanganisa (NASM, GAS, FASM), selikhishwe. Leli thuluzi alidingi i-Makefile noma amanye amafayela okucushwa ukuze lisetshenziswe ngokuyisisekelo. Ikhodi yephrojekthi ibhalwe ku-Go futhi inelayisensi ngaphansi kwelayisensi ye-MIT. I-ForgeZero ithola uhlobo lwefayela bese ikhetha ngokuzenzakalelayo i-backend efanele. Ifayela ngalinye lekhodi […]
Abathuthukisi beseva yemeyili ye-Exim bakhiphe ukukhishwa kwe-Exim 4.99.3, okulungisa ubuthakathaka kwezinye izilungiselelo ze-ejenti yemeyili. Inkinga inesihlonzi sangaphakathi i-EXIM-Security-2026-05-01.1; esazisweni esisemthethweni, sibhalwe futhi njenge-CVE-TBD. Ubuthakathaka bungokwesigaba se-Remote Use-After-Free futhi kwenzeka lapho kucutshungulwa umzimba womlayezo we-BDAT lapho usebenzisa i-TLS phezu kwe-GnuTLS. I-BDAT isetshenziswa kusandiso se-CHUNKING SMTP ukudlulisa umzimba […]
Enhliziyweni Linux Kutholakale ubuthakathaka obufana ne-Copy Fail, i-Dirty Frag, ne-Fragnesia, okuvumela umsebenzisi ongenamalungelo ukuthi athole amalungelo ezimpande ngokubhala ngaphezulu idatha ku-cache yekhasi. Ubuthakathaka bunikezwe igama lekhodi elithi DirtyDecrypt (inkinga ibizwa nangokuthi i-DirtyCBC). I-prototype exploit iyatholakala. Inothi le-exploit alisho isihlonzi se-CVE, lithi kuphela ukuthi abacwaningi bathole inkinga ngoMeyi 9, […]
I-MyCompany 6.2, uhlelo lwe-ERP lwamahhala lwamabhizinisi amancane naphakathi olwakhiwe epulatifomu ye-lsFusion, selukhishwe. Isixazululo sihlanganisa ukubalwa kwempahla kanye nokubalwa kwezimali, ukuphathwa kokuthengwa nokuthengiswa, ukukhiqiza, ukuthengisa kanye nezinsizakalo, nokuningi. Isixazululo esijwayelekile se-MyCompany sisatshalaliswa ngaphansi kwelayisensi ye-Apache 2.0 futhi sakhiwa njengephrojekthi yomthombo ovulekile ku-GitHub. Ipulatifomu yedemo kanye […]
I-Grafana Labs, unjiniyela weplatifomu yokuqapha idatha yomthombo ovulekile kanye nokuboniswa kwezithombe enegama elifanayo, iveze ukuthi ithokheni yokufinyelela yendawo yayo ye-GitHub yayiwele ezandleni zabahlaseli. Abahlaseli basebenzise ithokheni ukulanda ikhodi yemikhiqizo eyimfihlo yenkampani ezindaweni zokugcina ezizimele futhi bazama ukuphanga imali ngokusongela ukudalula isisekelo sekhodi esitholiwe. Abamele i-Grafana Labs benqabile ukukhokha. Ngokusho kwenkampani, abahlaseli abazange bathole ukufinyelela […]
Abacwaningi eMassachusetts Institute of Technology bathuthukisa iphrojekthi ye-GenCAD, esebenzisa imodeli yokufunda komshini ukukhiqiza amamodeli e-3D asekelwe esithombeni se-2D noma umdwebo wengxenye. I-GenCAD ayikhiqizi nje imodeli ye-3D, kodwa uhlelo oluphelele lwe-CAD olune-parametric olunomlando wemiyalo yokwakha amamodeli, efanelekile ukungeniswa ezinhlelweni ze-CAD ezi-parametric. Umthandi ujoyine ingxoxo yale phrojekthi, ethi ukudala amamodeli e- […]
Enhliziyweni Linux Okunye ubungozi bokwanda kwamalungelo endawo, okubizwa ngokuthi i-Fragnesia futhi okuhlonzwe njenge-CVE-2026-46300, kudaluliwe. Le nkinga iwela esigabeni esifanayo sokuhlaselwa kwe-cache yamakhasi njenge-Copy Fail kanye ne-Dirty Frag okuxoxwe ngayo muva nje, kodwa akuyona ukushicilelwa kabusha kwesiphazamisi esidala: kuyiphutha elihlukile kukhodi ye-XFRM ESP-in-TCP. Ubungozi butholwe ngumcwaningi uWilliam Bowling […]