Ike.ninja

(Feb 16) Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Shorten, Chines AVS video, VP5, VP6, AVI, AVS and MPEG-1/2 files could lead to the execution of arbitrary code. [More…]

(Feb 21) Several security issues were fixed in OpenSSL.

(Feb 21) Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low [More…]

(Feb 17) Several vulnerabilities were discovered in the TLS/SSL protocol. This update addresses these protocol vulnerabilities in lighttpd. CVE-2009-3555 [More…]

(Feb 20) Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More…]

The following new functionality has been added:

[+] (Windows only) PHP 5.4 support has been added.
[+] (Windows only) PHP 5.3 has been updated to version 5.3.21
[+] Ubuntu 12.04.2 support has been added.

The following bugs have been fixed:

[-] (Windows only) php.ini overwrites to default on PHP package update. Now php.ini will be backuped to php.ini.upgrade file in PHP folder, for instance “%plesk_dir%AdditionalPleskPHP53php.ini.upgrade”.
[-] (Linux only) bootstrapper.sh repair or post-install executed after MU#37 brakes phpMyAdmin 3.5.6 (130017)
[-] (Linux only) sw-engine-cgi processes stuck and accumulate over time putting a strain on memory usage (129857, 57773)
[-] (Linux only) Unable to delete PostgreSQL database user with error “Unsupported version” (129378)
[-] (Linux only) Unable to restart PostgreSQL 9.x service on Ubuntu 12 and SuSE 12 (129143)

(Feb 18) Garth Mollett discovered that a file descriptor overflow issue in the use of FD_SET() in nss-pam-ldapd, which provides NSS and PAM modules for using LDAP as a naming service, can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to [More…]

(Feb 19) The system could be made to crash under certain conditions.

(Feb 12) PostgreSQL could be made to crash if it received specially crafted input.

(Feb 14) Several security issues were fixed in OpenJDK.

(Feb 14) The system could be made to crash under certain conditions.

The following new features have been implemented:

– added support of Plesk for Windows
– added check for MailMan configuration
– added check for PostgreSQL configuration
– added check for intersection of system users between source and destination servers

(Feb 13) Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-0169 [More…]

(Feb 13) jQuery could be made to expose sensitive information over the network.

(Feb 8) Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More…]