(Jan 6) Updated ruby193-rubygem-actionpack packages that fix multiple security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having [More…]
Comment
Archive for January, 2014
78 results.
(Jan 5) Several vulnerabilities have been discovered in uscan, a tool to scan upstream sits for new releases of packages, which is part of the devscripts package. An attacker controlling a website from which uscan would attempt to download a source tarball could execute arbitrary code [More…]
cPanel & WHM software version 11.36 will reach End of Life at the end of January 2014. In accordance with our EOL policy [http://docs.cpanel.net/twiki/bin/view/AllDocumentation/InstallationGuide/LongTermSupport],11.36 will continue functioning on servers after reaching EOL. However, no further updates, such as security fixes and installations, will be provided for 11.36 once it reaches …
(Jan 3) Several security issues were fixed in the kernel.
(Jan 3) Several security issues were fixed in the kernel.
(Jan 3) Several security issues were fixed in the kernel.
(Jan 3) Several security issues were fixed in the kernel.
(Jan 1) Multiple vulnerabilities have been found in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following issues: [More…]
(Jan 3) Several security issues were fixed in the kernel.
(Jan 3) Several security issues were fixed in the kernel.
(Dec 31) An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system. [More…]
(Jan 1) Several vulnerabilities were discovered in TYPO3, a content management system. This update addresses cross-site scripting, information disclosure, mass assignment, open redirection and insecure unserialize vulnerabilities and corresponds to TYPO3-CORE-SA-2013-004. [More…]
In the January 2014 survey we received responses from 861,379,152 sites, an increase of 355,935 since last month. 2013 has been a year of significant change: the web has grown by more than one third, the importance of SSL has been highlighted by a series of spying revelations, Microsoft now power just below 30% of all […]
(Jan 1) Multiple security issues have been fixed in OpenSSL: The TLS 1.2 support was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition this updates disables the insecure Dual_EC_DRBG algorithm (which was unused anyway, see [More…]
(Dec 28) Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework: vulnerabilities due to optimistic cross-site request forgery protection, insecure pseudo random number generation, code execution and incorrect security token validation. [More…]
Rank Performance Graph OS Outagehh:mm:ss FailedReq% DNS […]
(Dec 30) Peter McLarnan discovered that the internationalization component of Ruby on Rails does not properly encode parameters in generated HTML code, resulting in a cross-site scripting vulnerability. This update corrects the underlying vulnerability in the i18n gem, as provided by [More…]
(Dec 28) Multiple vulnerabilities have been found in the HP Linux Printing and Imaging System: Insecure temporary files, insufficient permission checks in PackageKit and the insecure hp-upgrade service has been disabled. [More…]