Ubuntu: 1969-1: Linux kernel (OMAP4) vulnerabilities
Sep30
on September 30, 2013
at 3:35 am
Posted In: Uncategorized
(Sep 27) Several security issues were fixed in the kernel.
Comment
Archive for September, 2013
93 results.
Ubuntu: 1972-1: Linux kernel vulnerabilities
Sep30
on September 30, 2013
at 3:35 am
Posted In: Uncategorized
(Sep 27) Several security issues were fixed in the kernel.
The Oracle Media Centre
Ubuntu: 1973-1: Linux kernel (OMAP4) vulnerabilities
Sep29
on September 29, 2013
at 3:30 am
Posted In: Uncategorized
(Sep 27) Several security issues were fixed in the kernel.
Ubuntu: 1974-1: Linux kernel vulnerabilities
Sep29
on September 29, 2013
at 3:30 am
Posted In: Uncategorized
(Sep 27) Several security issues were fixed in the kernel.
I’m pleased to announce the availability of WordPress 3.7 Beta 1. For WordPress 3.7 we decided to shorten the development cycle and focus on a few key improvements. We plan to release the final product in October, and then follow it in December with a jam-packed WordPress 3.8 release, which is already in development. Some […]
Ubuntu: 1975-1: Linux kernel (OMAP4) vulnerabilities
Sep28
on September 28, 2013
at 3:26 am
Posted In: Uncategorized
(Sep 27) Several security issues were fixed in the kernel.
Ubuntu: 1968-1: Linux kernel vulnerabilities
Sep28
on September 28, 2013
at 3:26 am
Posted In: Uncategorized
(Sep 27) Several security issues were fixed in the kernel.
Debian: 2765-1: davfs2: privilege escalation
Sep28
on September 28, 2013
at 2:37 am
Posted In: Uncategorized
(Sep 26) Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while is setuid root. This might allow a privilege escalation. For the oldstable distribution (squeeze), this problem has been fixed in [More…]
Red Hat: 2013:1292-01: kernel: Moderate Advisory
Sep28
on September 28, 2013
at 2:26 am
Posted In: Uncategorized
(Sep 26) Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More…]
Debian: 2764-1: libvirt: programming error
Sep27
on September 27, 2013
at 2:28 am
Posted In: Uncategorized
(Sep 25) Daniel P. Berrange discovered that incorrect memory handling in the remoteDispatchDomainMemoryStats() function could lead to denial of service. [More…]
Red Hat: 2013:1282-01: rtkit: Important Advisory
Sep27
on September 27, 2013
at 2:24 am
Posted In: Uncategorized
(Sep 24) An updated rtkit package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More…]
Red Hat: 2013:1283-01: puppet: Moderate Advisory
Sep27
on September 27, 2013
at 2:24 am
Posted In: Uncategorized
(Sep 24) Updated puppet packages that fix several security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate [More…]
IMPORTANT: cPanel Security Notice 2013-09-25: WordPress 3.6.1
Sep26
on September 26, 2013
at 5:04 pm
Posted In: Uncategorized
SUMMARY Three CVEs were reported for WordPress 3.6 and WordPress has released an upgraded version to address theses vulnerabilities. cPanel has updated the WordPress version delivered via the cPAddons functionality in WHM to the new version of 3.6.1. AFFECTED VERSIONS All versions of WordPress 3.6.0 and below. SECURITY RATING US-CERT/NIST …
Wildcard EV certificates supported by major browsers
Sep26
on September 26, 2013
at 2:30 pm
Posted In: Uncategorized
Extended Validation, or EV, certificates are designed to provide evidence of a greater level of verification by the Certificate Authority of the legal identity of the company in control of the SSL certificate and domain name. By way of contrast, the most common type of certificate, domain-validated, only requires the CA to verify control of […]
Parallels Plesk Panel 11.5.30 MU#17
Sep26
on September 26, 2013
at 11:34 am
Posted In: Uncategorized
The following features have been improved:
[+] Administrators can forbid renaming primary domains of subscriptions.
The primary domain of a subscription is the domain that you set when creating the subscription. The subscription’s name is the same as its primary domain name. Administrators can forbid customers to modify this name by selecting the corresponding option in Tools & Settings or by means of the command-line interface:
- On Linux: plesk bin server_pref –update -forbid-subscription-rename true|false
- On Windows: “%plesk_dir%inserver_pref.exe” –update -forbid-subscription-rename true|false
Note: Administrators can modify the names of customers’ subscriptions, even if this option is selected. By default, this option is not selected.
[+] The Horde webmail was upgraded to the version 5.1.4
The following issues have been fixed:
[-] Panel did not load proper SSL certificates for domains. (142545)
(Sep 24) Samba could be made to hang if it received specially crafted networktraffic.
Ubuntu: 1967-1: Django vulnerabilities
Sep26
on September 26, 2013
at 3:16 am
Posted In: Uncategorized
(Sep 24) Several security issues were fixed in Django.
Debian: 2763-1: pyopenssl: hostname check bypassing
Sep26
on September 26, 2013
at 3:09 am
Posted In: Uncategorized
(Sep 24) It was discovered that PyOpenSSL, a Python wrapper around the OpenSSL library, does not properly handle certificates with NULL characters in the Subject Alternative Name field. [More…]
Red Hat: 2013:1284-01: ruby193-puppet: Critical Advisory
Sep26
on September 26, 2013
at 2:15 am
Posted In: Uncategorized
(Sep 24) Updated ruby193-puppet packages that fix three security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having critical [More…]
Red Hat: 2013:1285-01: openstack-keystone: Moderate Advisory
Sep26
on September 26, 2013
at 2:15 am
Posted In: Uncategorized
(Sep 25) Updated openstack-keystone packages that fix one security issue are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate [More…]
Ubuntu: 1964-1: LibRaw vulnerabilities
Sep25
on September 25, 2013
at 3:04 am
Posted In: Uncategorized
(Sep 23) LibRaw could be made to crash if it opened a specially crafted file.
Ubuntu: 1965-1: pyOpenSSL vulnerability
Sep25
on September 25, 2013
at 3:04 am
Posted In: Uncategorized
(Sep 23) Fraudulent security certificates could allow sensitive information to beexposed when accessing the Internet.
Debian: 2762-1: icedove: Multiple vulnerabilities
Sep25
on September 25, 2013
at 2:55 am
Posted In: Uncategorized
(Sep 23) Multiple security issues have been found in Icedove, Debian’s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code. [More…]
Certificate Authorities struggle to comply with Baseline Requirements
Sep23
on September 23, 2013
at 3:55 pm
Posted In: Uncategorized
SSL Certificate Authorities (CAs) are responsible for issuing the SSL certificates which are used to protect billions of secure transactions across the internet against eavesdroppers and impersonators. The CA/B forum — a group of CAs and browser vendors — drew up the Baseline Requirements in 2011 outlining a set of minimum standards to which all […]
The following issue has been fixed:
[-] Security improvements*. Important: Regular updates of Parallels Plesk Panel and third-party components guarantee that your server stays secure against malicious attacks.
* – We would like to thank Combell Group for assistance with discovering this issue.
The following issue has been fixed:
[-] Security improvements*. Important: Regular updates of Parallels Plesk Panel and third-party components guarantee that your server stays secure against malicious attacks.
* – We would like to thank Combell Group for assistance with discovering this issue.
Parallels Plesk Panel 11.5.30 MU#16
Sep23
on September 23, 2013
at 12:00 pm
Posted In: Uncategorized
The following issue has been fixed:
[-] Security improvements*. Important: Regular updates of Parallels Plesk Panel and third-party components guarantee that your server stays secure against malicious attacks.
* – We would like to thank Combell Group for assistance with discovering this issue.
Ubuntu: 1960-1: Software Properties vulnerability
Sep23
on September 23, 2013
at 2:45 am
Posted In: Uncategorized
(Sep 18) Software Properties could be tricked into bypassing polkit authorizations.
Ubuntu: 1953-1: polkit vulnerability
Sep23
on September 23, 2013
at 2:45 am
Posted In: Uncategorized
(Sep 18) polkit could be tricked into giving out improper authorization.