|
|
Prev week |
Next week |
Colapse all |
Post message
[slackware-security] ruby (SSA:2013-136-02) 2013-05-16 Slackware Security Team (security slackware com) CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops! 2013-05-17 S³awomir Jabs (slawomir jabs gmail com) Everything has a story, everything evolves, adapts to changing circumstances but does your IT Sec strategy evolve with the development of the digital world? Are you wiling to gamble on the security of you systems? Join the upcoming CONFidence conference and meet both renown speakers and specialist [ more ] [ reply ] [slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01) 2013-05-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01) New mozilla-thunderbird packages are available for Slackware64 13.37 and 14.0. These were accidentally omitted from the last upload. Here are the details from the Slackware [ more ] [ reply ] APPLE-SA-2013-05-16-1 iTunes 11.0.3 2013-05-16 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-05-16-1 iTunes 11.0.3 iTunes 11.0.3 is now available and addresses the following: iTunes Available for: Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: An attacker in a privileged network position may manipulate HT [ more ] [ reply ] ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability 2013-05-16 Security Alert (Security_Alert emc com) ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability 2013-05-16 Security Alert (Security_Alert emc com) [slackware-security] mozilla-thunderbird (SSA:2013-135-02) 2013-05-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2013-135-02) New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------- [ more ] [ reply ] [slackware-security] mozilla-firefox (SSA:2013-135-01) 2013-05-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2013-135-01) New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+ p [ more ] [ reply ] Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability 2013-05-15 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability Advisory ID: cisco-sa-20130515-mse Revision 1.0 For Public Release 2013 May 15 16:00 UTC (GMT) +------------------------------------------------------ [ more ] [ reply ] Multiple Vulnerabilities in Exponent CMS 2013-05-15 advisory htbridge com Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Version(s): 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injection [CWE- [ more ] [ reply ] [security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code 2013-05-15 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03714526 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03714526 Version: 3 HPSBUX02859 SS [ more ] [ reply ] File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities 2013-05-12 Vulnerability Lab (research vulnerability-lab com) ====== File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities Date: ===== 2013-05-04 References: =========== http://www.vulnerability-lab.com/get_content.php?id=939 VL-ID: ===== 939 Common Vulnerability Scoring System: ==================================== 5.9 Introduction: ============ [ more ] [ reply ] Wifi Album v1.47 iOS - Command Injection Vulnerability 2013-05-12 Vulnerability Lab (research vulnerability-lab com) Title: ====== Wifi Album v1.47 iOS - Command Injection Vulnerability Date: ===== 2013-04-25 References: =========== http://www.vulnerability-lab.com/get_content.php?id=935 VL-ID: ===== 935 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: ========= [ more ] [ reply ] Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities 2013-05-12 Vulnerability Lab (research vulnerability-lab com) Title: ====== Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities Date: ===== 2013-04-21 References: =========== http://www.vulnerability-lab.com/get_content.php?id=932 VL-ID: ===== 932 Common Vulnerability Scoring System: ==================================== 6.1 Introduction: === [ more ] [ reply ] Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities 2013-05-12 Vulnerability Lab (research vulnerability-lab com) Title: ====== Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-26 References: =========== http://www.vulnerability-lab.com/get_content.php?id=883 VL-ID: ===== 883 Common Vulnerability Scoring System: ==================================== 6.2 Introduction: ====== [ more ] [ reply ] Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities 2013-05-12 Vulnerability Lab (research vulnerability-lab com) Title: ====== Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities Date: ===== 2013-04-27 References: =========== http://www.vulnerability-lab.com/get_content.php?id=934 VL-ID: ===== 934 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: ==== [ more ] [ reply ] SimpleTransfer 2.2.1 - Command Injection Vulnerabilities 2013-05-12 Vulnerability Lab (research vulnerability-lab com) Title: ====== SimpleTransfer 2.2.1 - Command Injection Vulnerabilities Date: ===== 2013-05-03 References: =========== http://www.vulnerability-lab.com/get_content.php?id=937 VL-ID: ===== 937 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: ======= [ more ] [ reply ] [RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution 2013-05-13 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution During a penetration test a typical misconfiguration was found in the way Dovecot is used as a local delivery agent by Exim. A common use case for the Dovecot IMAP and POP3 server is the use of Dovecot [ more ] [ reply ] WASC Announcement: Static Analysis Technologies Evaluation Criteria Published 2013-05-10 announcements webappsec org The Web Application Security Consortium (WASC) is pleased to announce the Static Analysis Technologies Evaluation Criteria. The goal of the SATEC project is to create a vendor-neutral set of criteria to help guide application security professionals during the process of acquiring a static code analy [ more ] [ reply ] ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability 2013-05-10 Security Alert (Security_Alert emc com) [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited 2013-05-10 Mark Thomas (markt apache org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-3544 Chunked transfer encoding extension size is not limited Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.29 - - Tomcat 6.0.0 to 6.0.36 Description: When processing a request submitte [ more ] [ reply ] [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator 2013-05-10 Mark Thomas (markt apache org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2067 Session fixation with FORM authenticator Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.32 - - Tomcat 6.0.21 to 6.0.36 Description: FORM authentication associates the most recent r [ more ] [ reply ] CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException 2013-05-10 Mark Thomas (markt apache org) CFP: Hacktivity 2013, October 11-12, Budapest, Hungary 2013-05-10 cfp hacktivity com Hi, Hacktivity is the largest IT Security Festival in CEE region which will be held between October 11-12, 2013 in Budapest, Hungary. Hacktivity traditionally brings together the official and alternative representatives of information security profession with all those interested in the area, in a [ more ] [ reply ] |
|
Privacy Statement |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] ruby (SSA:2013-136-02)
New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current
to fix a security issue.
Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages
[ more ] [ reply ]