(Dec 30) Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code. For the stable distribution (squeeze), this problem has been fixed in [More…]
Archive for December, 2012
(Dec 30) Thorsten Glaser discovered that the RSSReader extension for mediawiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the mediawiki pages. [More…]
(Dec 29) MoinMoin could be made to run programs and overwrite files.
(Dec 26) Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2 dissectors, which could potentially result in the execution of arbitrary code. [More…]
(Dec 27) Marko Myllynen discovered that elinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate. For the stable distribution (squeeze), this problem has been fixed in [More…]
(Dec 27) Multiple security issues have been found in Mahara, an electronic portfolio, weblog, and resume builder, which can result in cross-site scripting, clickjacking or arbitrary file execution. [More…]
cPanel recently released EasyApache 3.16. This version of EasyApache contains an updated version of ModSecurity that has an important change to Rule IDs which will affect you. In addition to the RuleID change, another change in ModSecurity that affects directive names will be incorporated into EasyApache 3.18. Unique Rule IDs …
(Dec 18) The system could be made to crash under certain conditions.
(Dec 18) The system could be made to crash under certain conditions.
(Dec 18) The system could be made to crash under certain conditions.
(Dec 18) The system could be made to crash under certain conditions.
to make short news items available within Swissport in RSS (XML) format. Once
(Dec 19) A weakness was discovered in the example AppArmor profile for chromium-browser.
(Dec 20) The system could be made to crash under certain conditions.
users to aggregate content from blogs like RSS (Really Simple Syndication) newsreaders or
The following new functionality has been added:
[+] Optional ability to restrict main FTP username changes has been added.
The following bug has been fixed:
[-] (Windows only) File download from File Manager hangs due to improper Content-Length value (116222)
[-] (Windows only) Problem with backup MySQL databases. Error like Could not load file or assembly ‘psaobsolete, Version=11.0.4720.35696, Culture=neutral, PublicKeyToken=null’ or one of its dependencies. (125940)
(Dec 20) The system could be made to crash under certain conditions.
(Dec 20) The system could be made to crash under certain conditions.
(Dec 18) Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having low [More…]
(Dec 19) FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file.
(Dec 19) Libav could be made to crash or run programs as your login if it opened a specially crafted file.
(Dec 18) Updated kernel packages that fix multiple security issues, numerous bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Dec 18) Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Dec 17) USN-1589-1 exposed a regression in the GNU C Library floating point parser.
(Dec 16) Multiple vulnerabilities have been found in Icedove, Debian’s version of the Mozilla Thunderbird mail and news client. CVE-2012-4201 [More…]
(Dec 16) The tiff library for handling TIFF image files contained a stack-based buffer overflow, potentially allowing attackers who can submit such files to a vulnerable system to execute arbitrary code. [More…]
(Dec 17) Aptdaemon could be tricked into installing arbitrary PPA GPG keys.
(Dec 17) bogofilter could be made to crash or run programs if it processed a specially crafted email.
(Dec 12) APT could expose sensitive information.
(Dec 12) Nova could be made to expose sensitive information.