(Jan 8) An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More…]
Comment
(Jan 9) It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and [More…]
(Jan 9) Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if enable-local-variables is set to “safe”. For the stable distribution (squeeze), this problem has been fixed in [More…]
(Jan 10) The system could be made to leak sensitive system information.
(Jan 10) The system could be made to leak sensitive system information.