BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 36 min 32 sec ago

[SECURITY] [DSA 3795-1] bind9 security update

10 hours 35 min ago

Posted by Michael Gilbert on Feb 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3795-1 security () debian org
https://www.debian.org/security/ Michael Gilbert
February 26, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : bind9
CVE ID : CVE-2017-3135
Debian Bug :...
Categories:

[SECURITY] [DSA 3792-1] libreoffice security update

February 24, 2017 - 12:30am

Posted by Moritz Muehlenhoff on Feb 23

-------------------------------------------------------------------------
Debian Security Advisory DSA-3792-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 23, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libreoffice
CVE ID : CVE-2017-3157

Ben Hayak...
Categories:

Advisory X41-2017-004: Multiple Vulnerabilities in tnef

February 23, 2017 - 12:07pm

Posted by X41 D-Sec GmbH Advisories on Feb 23

X41 D-Sec GmbH Security Advisory: X41-2017-004

Multiple Vulnerabilities in tnef
================================

Overview
--------
Confirmed Affected Versions: 1.4.12 and earlier
Confirmed Patched Versions:
Vendor: verdammelt
Vendor URL: https://github.com/verdammelt/tnef/
Vector: File
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/

Summary and Impact...
Categories:

Air Transfer 1.2.1 & 1.0.14 - Multiple XSS Web Vulnerabilities

February 23, 2017 - 8:03am

Posted by Vulnerability Lab on Feb 23

Document Title:
===============
Air Transfer 1.2.1 & 1.0.14 iOS - Multiple XSS Web Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2035

Release Date:
=============
2017-02-22

Vulnerability Laboratory ID (VL-ID):
====================================
2035

Common Vulnerability Scoring System:
====================================
3.2

Product & Service Introduction:...
Categories:

FreeBSD Security Advisory FreeBSD-SA-17:02.openssl

February 23, 2017 - 2:57am

Posted by FreeBSD Security Advisories on Feb 22

=============================================================================
FreeBSD-SA-17:02.openssl Security Advisory
The FreeBSD Project

Topic: OpenSSL multiple vulnerabilities

Category: contrib
Module: openssl
Announced: 2017-02-23
Affects: All supported versions of FreeBSD.
Corrected: 2017-01-26 19:14:14 UTC...
Categories:

[SECURITY] [DSA 3791-1] linux security update

February 23, 2017 - 12:13am

Posted by Salvatore Bonaccorso on Feb 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3791-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 22, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2016-6786 CVE-2016-6787...
Categories:

[SECURITY] [DSA 3788-2] tomcat8 regression update

February 22, 2017 - 2:11pm

Posted by Salvatore Bonaccorso on Feb 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3788-2 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 22, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : tomcat8

The update for tomcat8 issued as DSA-3788-1 caused...
Categories:

[security bulletin] HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information

February 22, 2017 - 12:32am

Posted by security-alert on Feb 21

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05398322

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05398322
Version: 1

HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX
running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive
Information

NOTICE: The information in this Security Bulletin should be acted...
Categories:

APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1

February 21, 2017 - 2:13pm

Posted by Apple Product Security on Feb 21

APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1

Logic Pro X 10.3.1 is now available and addresses the following:

Projects
Available for: OS X Yosemite v10.10 or later (64 bit)
Impact: Opening a maliciously crafted GarageBand Project file may
lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2374: Tyler Bohan of Cisco Talos

Installation note:

Logic Pro X may be obtained...
Categories:

PDFMate PDF Converter Pro 1.7.5.0 - Buffer Overflow Vulnerability

February 20, 2017 - 5:25am

Posted by Vulnerability Lab on Feb 20

Document Title:
===============
PDFMate PDF Converter Pro 1.7.5.0 - Buffer Overflow Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2029

Release Date:
=============
2017-01-30

Vulnerability Laboratory ID (VL-ID):
====================================
2029

Common Vulnerability Scoring System:
====================================
5.9

Product & Service Introduction:...
Categories: