Cisco has released a High severity security advisory for a telnet vulnerability that affects Cisco IOS XE software.
The GNU Transport Layer Security Library (GnuTLS) patched a vulnerability hidden in code for nearly two years. The issue applies to a flaw in how TLS 1.3 session resumption works without a master key. As a result, an attacker could exploit and launch man-in-the-middle (MITM) attacks.
In case you missed it last week, SaltStack released security updates to fix two critical Salt vulnerabilities. Multiple vendors that integrate Salt into their products have also released patches or workarounds to address the flaws.