Ike.ninja

(Jul 17) Several security issues were fixed in Firefox.

(Jul 24) Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.0 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More…]

(Dec 11) Update to 1.8.6 p368 This package also fixes the build failure on arm
-gnueabi systems (bug 506233), and DOS vulnerability issue on BigDecimal method
(bug 504958, CVE-2009-1904)

(Jul 22) Rafal Wojtczuk from Bromium discovered that FreeBSD wasn’t handling correctly uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users. [More…]

(Dec 11) Moodle upstream has released latest stable versions (1.9.7 and 1.8.11), fixing
multiple security issues. The list for 1.9.7 release:
————————– Security issues * MSA-09-0022 – Multiple
CSRF problems fixed * MSA-09-0023 – Fixed user account disclosure in LAMS
module * MSA-09-0024 – Fixed insufficient access control in Glossary module
* MSA-09-0025 – Unneeded MD5 hashes removed from user table * MSA-09-0026 –
Fixed invalid application access control in MNET interface * MSA-09-0027 –
Ensured login information is always sent secured when using
SSL for logins * MSA-09-0028 – Passwords and secrets are no longer ever
saved in backups, new backup capabilities
moodle/backup:userinfo and moodle/restore:userinfo for
controlling who can backup/restore user data, new checks in
the security overview report help admins identify dangerous
backup permissions * MSA-09-0029 – A strong password
policy is now enabled by default, enabling password salt in
encouraged in config.php, admins are forced to change
password after the upgrade and admins can force password
change on other users via Bulk user actions *
MSA-09-0030 – New detection of insecure Flash player plugins, Moodle
won’t serve Flash to insecure plugins * MSA-09-0031 – Fixed SQL injection
in SCORM module The list for 1.8.11 release: —————————-
Security issues * MSA-09-0022 – Multiple CSRF problems fixed *
MSA-09-0023 – Fixed user account disclosure in LAMS module * MSA-09-0024 –
Fixed insufficient access control in Glossary module * MSA-09-0025 –
Unneeded MD5 hashes removed from user table * MSA-09-0026 – Fixed invalid
application access control in MNET interface * MSA-09-0027 – Ensured login
information is always sent secured when using SSL for
logins * MSA-09-0028 – Passwords and secrets are no longer ever saved in
backups, new backup capabilities moodle/backup:userinfo and
moodle/restore:userinfo for controlling who can
backup/restore user data * MSA-09-0029 – Enabling a password salt in
encouraged in config.php and admins are forced to change
password after the upgrade * MSA-09-0031 –
Fixed SQL injection in SCORM module References: ———–
http://docs.moodle.org/en/Moodle_1.9.7_release_notes
http://docs.moodle.org/en/Moodle_1.8.11_release_notes CVE Request:
———— http://www.openwall.com/lists/oss-security/2009/12/06/1

(Dec 11) Moodle upstream has released latest stable versions (1.9.7 and 1.8.11), fixing
multiple security issues. The list for 1.9.7 release:
————————– Security issues * MSA-09-0022 – Multiple
CSRF problems fixed * MSA-09-0023 – Fixed user account disclosure in LAMS
module * MSA-09-0024 – Fixed insufficient access control in Glossary module
* MSA-09-0025 – Unneeded MD5 hashes removed from user table * MSA-09-0026 –
Fixed invalid application access control in MNET interface * MSA-09-0027 –
Ensured login information is always sent secured when using
SSL for logins * MSA-09-0028 – Passwords and secrets are no longer ever
saved in backups, new backup capabilities
moodle/backup:userinfo and moodle/restore:userinfo for
controlling who can backup/restore user data, new checks in
the security overview report help admins identify dangerous
backup permissions * MSA-09-0029 – A strong password
policy is now enabled by default, enabling password salt in
encouraged in config.php, admins are forced to change
password after the upgrade and admins can force password
change on other users via Bulk user actions *
MSA-09-0030 – New detection of insecure Flash player plugins, Moodle
won’t serve Flash to insecure plugins * MSA-09-0031 – Fixed SQL injection
in SCORM module The list for 1.8.11 release: —————————-
Security issues * MSA-09-0022 – Multiple CSRF problems fixed *
MSA-09-0023 – Fixed user account disclosure in LAMS module * MSA-09-0024 –
Fixed insufficient access control in Glossary module * MSA-09-0025 –
Unneeded MD5 hashes removed from user table * MSA-09-0026 – Fixed invalid
application access control in MNET interface * MSA-09-0027 – Ensured login
information is always sent secured when using SSL for
logins * MSA-09-0028 – Passwords and secrets are no longer ever saved in
backups, new backup capabilities moodle/backup:userinfo and
moodle/restore:userinfo for controlling who can
backup/restore user data * MSA-09-0029 – Enabling a password salt in
encouraged in config.php and admins are forced to change
password after the upgrade * MSA-09-0031 –
Fixed SQL injection in SCORM module References: ———–
http://docs.moodle.org/en/Moodle_1.9.7_release_notes
http://docs.moodle.org/en/Moodle_1.8.11_release_notes CVE Request:
———— http://www.openwall.com/lists/oss-security/2009/12/06/1

(Jul 19) KDE PIM could be made to execute JavaScript if it opened a speciallycrafted email.

(Jul 18) Updated glibc packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]

Enterprise Monitor product. You can subscribe to RSS or Atom feeds, linked from this page, to

The Joomla Project is pleased to announce the availability of Joomla 3.0 Alpha 1 for download. This alpha release is intended primarily for extension developers to test their extensions. More information is available on the Development Site.

The following abilities were added:
[+] Parallels Business Automation – Standard 3.3 support
[+] Parallels Plesk Panel 11 support
[+] New options:
–clean-up-sessions – clean up sessions table in Plesk database
–pdusers – change passwords for protected directories users

Enterprise Monitor product. You can subscribe to RSS or Atom feeds, linked from this page, to

The following bugs have been fixed:

[-] Password strength policy does not work for the admin on the initial setup page (112284)
[-] Migrating of single subscription from Plesk 10/11 to Plesk 11 end with error “Line 48 error: Element ‘template-item’: This element is not expected”.
[-] (Linux only) Mailbox can’t be created on Ubuntu 10.04 (112282)
[-] (Linux only) Reseller’s plans are not migrating to Plesk 11
[-] (Linux only) Web server switching from apache to apache with SNI fails because of wrong apr-devel package
[-] (Linux only) Error “Error: unable to open ‘/etc/httpd/conf/includes/errordocument.conf’: No such file or directory” messages appears after migration from cPanel
[-] (Linux only) Error “Error occurred during /bin/mkdir command.” messages appears at migration of protected directories from Plesk 9.5.4
[-] (Linux only) Maillists are not migrating from cPanel
[-] (Linux only) Anonymous FTP accounts are not migrating from cPanel
[-] (Linux only) Autoinstaller doesn’t treat repositories “cloudlinux-base”, “cloudlinux-updates”, “cloudlinux-x86_64-*”, cloudlinux-i386-*” as third-party repositories on CloudLinux and doesn’t warn user about absence of “base” and “updates” repositories if “cloudlinux-x86_64-*”, cloudlinux-i386-*” repositories are defined.