BugTraq Mode:
(Page 27 of 1746)  < Prev  22 23 24 25 26 27 28 29 30 31 32  Next >
[slackware-security] mercurial (SSA:2017-223-03) 2017-08-11
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mercurial (SSA:2017-223-03)

New mercurial packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/

[ more ]  [ reply ]
[SECURITY] [DSA 3937-1] zabbix security update 2017-08-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3937-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 12, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3936-1] postgresql-9.6 security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3936-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 10, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3935-1] postgresql-9.4 security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3935-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 10, 2017

[ more ]  [ reply ]
[security bulletin] HPESB3P03762 rev.1 - HPE C Switch Software using Cisco Prime Data Center Network Manager (DCNM), Remote Code Execution 2017-08-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesb3p
03762en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesb3p03762en_us

Version: 1

HP

[ more ]  [ reply ]
[ANN] Apache Struts: S2-049 Security Bulletin update 2017-08-10
Lukasz Lenart (lukaszlenart apache org)
This is an update of the recently announced Security Bulletin S2-049 -
http://struts.apache.org/docs/s2-049.html

The bulletin was extended with an additional information when the
potential vulnerability can be present in your application. Please
re-read the mentioned bulletin and apply required act

[ more ]  [ reply ]
[SECURITY] [DSA 3932-1] subversion security update 2017-08-10
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3932-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
August 10, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3933-1] pjproject security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3933-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 10, 2017

[ more ]  [ reply ]
[SECURITY][ANNOUNCE] Apache Subversion 1.9.7 released 2017-08-10
Daniel Shahaf (danielsh apache org)
I'm happy to announce the release of Apache Subversion 1.9.7.
Please choose the mirror closest to you by visiting:

http://subversion.apache.org/download.cgi?update=201708081800#recommende
d-release

This is a stable security release of the Apache Subversion open source
version control system. I

[ more ]  [ reply ]
[SECURITY] [DSA 3929-1] libsoup2.4 security update 2017-08-10
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3929-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 10, 2017

[ more ]  [ reply ]
[slackware-security] curl (SSA:2017-221-01) 2017-08-09
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] curl (SSA:2017-221-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2017-221-02) 2017-08-09
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2017-221-02)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
DefenseCode ThunderScan SAST Advisory: WordPress Easy Modal Plugin Multiple Security Vulnerabilities 2017-08-07
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory
WordPress Easy Modal Plugin
Multiple Security Vulnerabilities

Advisory ID: DC-2017-01-007
Advisory Title: WordPress Easy Modal Plugin Multiple Vulnerabilities
Advisory URL: http://www.defensecode.com/advisories.

[ more ]  [ reply ]
[SECURITY] [DSA 3927-1] linux security update 2017-08-07
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3927-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 07, 2017

[ more ]  [ reply ]
Re: [oss-security] [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() 2017-08-05
Brad Spengler (spender grsecurity net)
This bothers me, and since nobody else has bothered to ask, I'll chime in:
Can someone please clear up this timeline for me?

We have:
(nearly a month ago) 7/7/2017 Silent upstream fix for vulnerability, no
stable cc, no backports performed, no distro fixes.

Possibly before this, possibly after (p

[ more ]  [ reply ]
[SECURITY] [DSA 3926-1] chromium-browser security update 2017-08-04
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3926-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
August 04, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3925-1] qemu security update 2017-08-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3925-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 04, 2017

[ more ]  [ reply ]
SEC Consult SA-20170804-1 :: Ubiquiti Networks UniFi Cloud Key authenticated command injection 2017-08-04
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20170804-1 >
=======================================================================
title: Authenticated Command Injection
product: Ubiquiti Networks UniFi Cloud Key
vulnerable version: Firmware v0.6.1
fixed version:

[ more ]  [ reply ]
SEC Consult SA-20170804-0 :: phpBB Server Side Request Forgery (SSRF) vulnerability 2017-08-04
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20170804-0 >
=======================================================================
title: Server Side Request Forgery Vulnerability
product: phpBB
vulnerable version: 3.2.0
fixed version: 3.2.1
CVE number:

[ more ]  [ reply ]
[security bulletin] HPESB3P03767 rev.1 - HPE Proliant ML10 Gen9 servers using Intel Xeon E3-1200M v5 and 6th Generation Intel Core Processors, Unauthorized Write to Filesystem 2017-08-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesb3p
03767en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesb3p03767en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3924-1] varnish security update 2017-08-02
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3924-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 02, 2017

[ more ]  [ reply ]
[slackware-security] gnupg (SSA:2017-213-01) 2017-08-02
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnupg (SSA:2017-213-01)

New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+------------------------

[ more ]  [ reply ]
CVE-2017-1500 - Relected XSS in IBM WorkLight OAuth Server Web Api 2017-08-02
gabriele gristina gmail com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

☾ Reflected Cross-Site Scripting in IBM Worklight OAuth Server Web Api ☽

======== ☾ Table of Contents ☽ =========================================

0. Overview
1. Detailed Description
2. Proof Of Concept
3. Solution
4

[ more ]  [ reply ]
[security bulletin] HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS) 2017-08-01
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03763en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03763en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] HPESBGN03766 rev.1 - HPE Project and Portfolio Management (PPM), Remote Cross-Site Scripting 2017-08-01
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03766en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03766en_us

Version: 1

HP

[ more ]  [ reply ]
[CVE-2017-11494] SOL.Connect ISET-mpp meter 1.2.4.2 Authentication Bypass SQL Injection Vulnerability 2017-08-01
andys3c gmail com
Vulnerability type:
SQL injection, leading to administrative access through authentication bypass.

-----------------------------------
Product: SOL.Connect ISET-mpp meter
-----------------------------------
Affected version: SOL.Connect ISET-mpp meter 1.2.4.2 and possibly earlier

Vulnerable param

[ more ]  [ reply ]
[SECURITY] [DSA 3923-1] freerdp security update 2017-08-01
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3923-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
August 01, 2017

[ more ]  [ reply ]
FortiOS <= 5.6.0 Multiple XSS Vulnerabilities 2017-07-28
msg patrykbogdan com
# Title: FortiOS <= 5.6.0 Multiple XSS Vulnerabilities
# Vendor: Fortinet (www.fortinet.com)
# CVE: CVE-2017-3131, CVE-2017-3132, CVE-2017-3133
# Date: 28.07.2016
# Author: Patryk Bogdan (@patryk_bogdan)

Affected FortiNet products:
* CVE-2017-3131 : FortiOS versions 5.4.0 to 5.6.0
* CVE-2017-3132 :

[ more ]  [ reply ]
[security bulletin] HPESBHF03765 rev.1 - HPE ConvergedSystem 700 Solution with Comware v7 Switches using OpenSSL, Remote Denial of Service (DoS) and Disclosure of Sensitive Information 2017-07-26
HPE Product Security Response Team (security-alert hpe com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03765en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03765en_us

Version: 1

[ more ]  [ reply ]
[SECURITY] [DSA 3919-1] openjdk-8 security update 2017-07-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3919-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 25, 2017

[ more ]  [ reply ]
(Page 27 of 1746)  < Prev  22 23 24 25 26 27 28 29 30 31 32  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus