(Jan 9) It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and [More…]
Archive for January 10th, 2013
(Jan 9) Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if enable-local-variables is set to “safe”. For the stable distribution (squeeze), this problem has been fixed in [More…]
(Jan 10) The system could be made to leak sensitive system information.
(Jan 8) An updated openshift-origin-node-util package that fixes two security issues is now available for Red Hat OpenShift Enterprise 1.0. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Jan 9) Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]