BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 1 hour 5 min ago

[slackware-security] openssl (SSA:2016-270-01)

September 27, 2016 - 12:28am

Posted by Slackware Security Team on Sep 26

[slackware-security] openssl (SSA:2016-270-01)

New openssl packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl-1.0.2j-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue:
Missing CRL sanity check (CVE-2016-7052)
For more information, see:...
Categories:

[security bulletin] HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of Service (DoS)

September 26, 2016 - 12:01pm

Posted by security-alert on Sep 26

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05278882

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05278882
Version: 1

HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of
Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-09-20
Last Updated:...
Categories:

OS-S Security Advisory 2016-19: Epson WorkForce multi-function printers do not use signed firmware images and allow unauthorized malicious firmware-updates (CVSS 10)

September 26, 2016 - 4:03am

Posted by Ralf Spenneberg on Sep 26

OpenSource Security Ralf Spenneberg
Am Bahnhof 3-5
48565 Steinfurt
info () os-s net

OS-S Security Advisory 2016-19

Title: Epson WorkForce multi-function printers do not use signed
firmware images and allow unauthorized malicious firmware-updates
Authors: Yves-Noel Weweler <y.weweler () gmail com>, Ralf Spenneberg
<ralf () os-t de>, Hendrik Schwartke <hendrik () os-t de>

Date: September 26th 2015
Vendor contacted: September...
Categories:

[slackware-security] php (SSA:2016-267-01)

September 26, 2016 - 3:50am

Posted by Slackware Security Team on Sep 26

[slackware-security] php (SSA:2016-267-01)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php-5.6.26-i586-1_slack14.2.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.26...
Categories:

ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability

September 23, 2016 - 8:35am

Posted by EMC Product Security Response Center on Sep 23

ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability

EMC Identifier: EMC-2016-097

CVE Identifier: CVE-2016-0918

Severity Rating: CVSS v3 Base Score: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products:
•RSA Identity Management and Governance versions prior to 6.8.1 P25
•RSA Identity Management and Governance versions prior to 6.9.1 P15
•RSA Via Lifecycle and Governance versions prior to...
Categories:

Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium

September 23, 2016 - 2:47am

Posted by cfpbrussels2017 on Sep 23

` . R E C O N * B R U S S E L S .
. . C F P ' .
' https://recon.cx
. 27 - 29 January 2017 . .
. ' Brussels, Belgium .
\ .
-6)) +
\ † ....
Categories:

[SECURITY] [DSA 3674-1] firefox-esr security update

September 23, 2016 - 2:34am

Posted by Moritz Muehlenhoff on Sep 23

-------------------------------------------------------------------------
Debian Security Advisory DSA-3674-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
September 22, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2016-5250 CVE-2016-5257...
Categories: