A possible security vulnerability has been identified in Apache Kafka Connect. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka ...
Continue Reading
February 07, 2023
Previously, `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers: ```pycon >>> outbuf = b"x00" * 32 >>> c = cipher ...
Continue Reading
February 07, 2023
## Summary A Security Vulnerability in the IBM Java SDK OpenJ9 affects the IBM Security Verify Access (ISVA) Appliance and Container images. ## Vulnerability Details ** CVEID: **[CVE-2021-28167]() ** ...
Continue Reading
February 07, 2023
The public API function `BIO_new_NDEF` is a helper function used for streaming ASN.1 data via a `BIO`. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabili ...
Continue Reading
February 07, 2023
A `NULL` pointer can be dereferenced when signatures are being verified on PKCS7 `signed` or `signedAndEnveloped` data. In case the hash algorithm used for the signature is known to the OpenSSL librar ...
Continue Reading
February 07, 2023
A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used int ...
Continue Reading
February 07, 2023
A NULL pointer vulnerability was found in OpenSSL, which can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the sign ...
Continue Reading
February 07, 2023
Hi, Spring fans! Welcome to another installment of _This Week in Spring_! It's Tuesday, February 7th, 2023, as I write this and I'm so very glad to be talking to you. How're you doin'? Some housekeepi ...
Continue Reading
February 07, 2023
Back to Main
