|
|
Colapse all |
Post message
[slackware-security] irssi (SSA:2016-265-03) 2016-09-21 Slackware Security Team (security slackware com) [security bulletin] HPSBHF03646 rev.1 - HPE Comware 7 (CW7) Network Products running NTP, Multiple Remote Vulnerabilities 2016-09-21 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052708 39 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05270839 Version: 1 HPSBHF03646 rev.1 - HPE Comw [ more ] [ reply ] Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla 2016-09-21 Larry W. Cashdollar (larry0 me com) Title: Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla Author: Larry W. Cashdollar, @_larry0 Date: 2016-09-15 Download Site: http://huge-it.com/joomla-video-gallery/ Vendor: www.huge-it.com, fixed v1.1.0 Vendor Notified: 2016-09-17 Vendor Contact: info (at) huge-it (dot) com [email concealed] Descripti [ more ] [ reply ] [security bulletin] HPSBGN03645 rev.2 - HPE Helion OpenStack Glance, Remote Access Restriction Bypass, Unauthorized Access 2016-09-21 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052735 84 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05273584 Version: 2 HPSBGN03645 rev.2 - HPE Heli [ more ] [ reply ] [slackware-security] pidgin (SSA:2016-265-01) 2016-09-21 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] pidgin (SSA:2016-265-01) New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +----------------------- [ more ] [ reply ] [SECURITY] [DSA 3672-1] irssi security update 2016-09-21 Salvatore Bonaccorso (carnil debian org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------ - Debian Security Advisory DSA-3672-1 security (at) debian (dot) org [email concealed] https://www.debian.org/security/ Salvatore Bonaccorso September 21, 2016 [ more ] [ reply ] Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability 2016-09-21 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability Advisory ID: cisco-sa-20160921-csp2100-2 Revision 1.0 Published: 2016 September 21 16:00 GMT +----------------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability 2016-09-21 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability Advisory ID: cisco-sa-20160921-csp2100-1 Revision 1.0 Published: 2016 September 21 16:00 GMT +------------------------------------------------------------ [ more ] [ reply ] APPLE-SA-2016-09-20-6 tvOS 10 2016-09-20 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-20-6 tvOS 10 The tvOS 10 advisory has been released to describe the entries below: Audio Available for: Apple TV (4th generation) Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue [ more ] [ reply ] APPLE-SA-2016-09-20-5 watchOS 3 2016-09-20 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-20-5 watchOS 3 The watchOS 3 advisory has been updated to include additional entries as noted below. Audio Available for: All Apple Watch models Impact: A remote attacker may be able to execute arbitrary code Description: A memory c [ more ] [ reply ] APPLE-SA-2016-09-20-4 macOS Server 5.2 2016-09-20 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-20-4 macOS Server 5.2 macOS Server 5.2 is now available and addresses the following: apache Available for: macOS 10.12 Sierra Impact: A remote attacker may be able to proxy traffic through an arbitrary server Description: An issue [ more ] [ reply ] APPLE-SA-2016-09-20-3 iOS 10 2016-09-20 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-20-3 iOS 10 The iOS 10 advisory has been updated to include additional entries as noted below. AppleMobileFileIntegrity Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: A [ more ] [ reply ] APPLE-SA-2016-09-20-2 Safari 10 2016-09-20 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-20-2 Safari 10 Safari 10 is now available and addresses the following: Safari Reader Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS 10.12 Sierra Impact: Enabling the Safari Reader feature on a maliciousl [ more ] [ reply ] ESA-2016-093: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability 2016-09-20 EMC Product Security Response Center (Security_Alert emc com) ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2016-09-19 EMC Product Security Response Center (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability EMC Identifier: ESA-2016-096 CVE Identifier: CVE-2016-0917 Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) Affec [ more ] [ reply ] ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities 2016-09-19 EMC Product Security Response Center (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities EMC Identifier: ESA-2016-065 CVE Identifier: CVE-2016-0903, CVE-2016-0904, CVE-2016-0905, CVE-2016-0920, CVE-2016-0921 Severity Rating: See below for indi [ more ] [ reply ] Call for Papers - WorldCIST'17 - 5th World Conference on Information Systems and Technologies (Published by Springer) 2016-09-18 ML (marialemos72 gmail com) * ** Apologize if you receive multiple copies of this email, or if its content is irrelevant for you. * ** Please forward for your contacts. Thank you very much! * --------- WorldCIST'17 - 5th World Conference on Information Systems and Technologies Porto santo Isalnd, Madeira, Portugal 11th-13th [ more ] [ reply ] [SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16 Flavio Junqueira (fpj apache org) Apologies for the duplicate, this report has a correction over the previous version sent earlier. ####################################################### CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell Severity: moderate Vendor: The Apache Software Foundation Versions Affec [ more ] [ reply ] [SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16 Flavio Junqueira (fpj apache org) ############################################################ CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell Severity: moderate Vendor: The Apache Software Foundation Versions Affected: ZooKeeper 3.4.0 to 3.4.8 ZooKeeper 3.5.0 to 3.5.2 The unsupported ZooKeeper 1.x through 3 [ more ] [ reply ] [slackware-security] curl (SSA:2016-259-01) 2016-09-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2016-259-01) New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +-------------------------- [ more ] [ reply ] ESA-2016-094: RSA BSAFE® Micro Edition Suite Multiple Vulnerabilities 2016-09-15 EMC Product Security Response Center (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 EMC Identifier: ESA-2016-094 CVE Identifier: CVE-2016-0923, CVE-2016-0924 Affected Products: ? RSA BSAFE Micro Edition Suite (MES) all 4.1.x versions prior to 4.1.5 ? RSA BSAFE Micro Edition Suite (MES) all 4.0.x versions prior to 4.0.9 [ more ] [ reply ] Cisco EPC 3925 Multiple Vulnerabilities 2016-09-15 msg patrykbogdan com # Title: Cisco EPC 3925 Multiple Vulnerabilities # Vendor: http://www.cisco.com/ # Vulnerable Version(s): Cisco EPC3925 (EuroDocsis 3.0 2-PORT Voice Gateway) # Date: 15.09.2016 # Author: Patryk Bogdan ======== Vulnerability list: 1. HTTP Response Injection via 'Lang' Cookie 2. DoS via 'Lang' Cook [ more ] [ reply ] Insecure transmission of data in Android applications developed with Adobe AIR [CVE-2016-6936] 2016-09-14 research nightwatchcybersecurity com Original at: https://wwws.nightwatchcybersecurity.com/2016/09/14/advisory-insecure-tr ansmission-of-data-in-android-applications-developed-with-adobe-air-cve- 2016-6936/ Summary Android applications developed with Adobe AIR send data back to Adobe servers without HTTPS while running. This can allow [ more ] [ reply ] APPLE-SA-2016-09-14-1 iOS 10.0.1 2016-09-14 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-09-14-1 iOS 10.0.1 iOS 10.0.1 is now available and addresses the following: Kernel Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An application may be able to disclose k [ more ] [ reply ] [SECURITY] [DSA 3666-1] mysql-5.5 security update 2016-09-14 Salvatore Bonaccorso (carnil debian org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------ - Debian Security Advisory DSA-3666-1 security (at) debian (dot) org [email concealed] https://www.debian.org/security/ Salvatore Bonaccorso September 14, 2016 [ more ] [ reply ] [security bulletin] HPSBST03640 rev.1 - HP XP7 Command View Advance Edition Suite (CVAE) using Replication Manager (RepMgr) and Device Manager (DevMgr), Local Access Restriction Bypass 2016-09-13 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052577 11 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05257711 Version: 1 HPSBST03640 rev.1 - HP XP7 C [ more ] [ reply ] [security bulletin] HPSBGN03572 rev.1 - HPE Performance Center, Remote User Validation Failure 2016-09-13 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052693 56 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05269356 Version: 1 HPSBGN03572 rev.1 - HPE Perf [ more ] [ reply ] ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability 2016-09-13 EMC Product Security Response Center (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability EMC Identifier: ESA-2016-108 CVE Identifier: CVE-2016-6644 Severity Rating: CVSS v3 Base Score: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) Affected products: EMC Documen [ more ] [ reply ] ESA-2016-104: EMC ViPR SRM Multiple Vulnerabilities 2016-09-13 EMC Product Security Response Center (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ESA-2016-104: EMC ViPR SRM Multiple Vulnerabilities EMC Identifier: ESA-2016-104 CVE Identifier: CVE-2016-0922, CVE-2016-6641, CVE-2016-6642, CVE-2016-6643 Severity Rating: CVSS v3 Base Score: See below for CVSSv3 scores for individual CVE [ more ] [ reply ] |
|
Privacy Statement |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] irssi (SSA:2016-265-03)
New irssi packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+-------------------------
[ more ] [ reply ]