Feed aggregator

Vuln: ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - December 12, 2014 - 12:00am
ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
Categories:

Vuln: Linux Kernel CVE-2014-3182 'hid-logitech-dj.c' Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - December 12, 2014 - 12:00am
Linux Kernel CVE-2014-3182 'hid-logitech-dj.c' Buffer Overflow Vulnerability
Categories:

Vuln: OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability

Security Focus Latest Security Advisories - December 12, 2014 - 12:00am
OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
Categories:

Vuln: OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability

Security Focus Latest Security Advisories - December 12, 2014 - 12:00am
OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
Categories:

ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities

BugTraq Latest Security Advisories - December 11, 2014 - 2:45pm

Posted by petri . iivonen on Dec 11

Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities
Author: Petri Iivonen
Contact: petri.iivonen_at_tmbc_gov_uk
Discovered: 11 June 2014
Updated: 11 December 2014
Published: 11 December 2014
Vendor: Montala Limited
Vendor url: www.resourcespace.org
Software: ResourceSpace Digital Asset Management Software
Versions: 6.4.5976 and prior
Status: Unpatched
Vulnerable scripts:
/pages/themes.php...
Categories:

Bugtraq: [slackware-security] wpa_supplicant (SSA:2014-344-07)

Security Focus Latest Security Advisories - December 11, 2014 - 2:15pm
[slackware-security] wpa_supplicant (SSA:2014-344-07)
Categories:

Bugtraq: [slackware-security] seamonkey (SSA:2014-344-06)

Security Focus Latest Security Advisories - December 11, 2014 - 2:15pm
[slackware-security] seamonkey (SSA:2014-344-06)
Categories:

APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2

BugTraq Latest Security Advisories - December 11, 2014 - 1:57pm

Posted by Apple Product Security on Dec 11

APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2

Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 are now available and
include the security content of Safari 8.0.1, Safari 7.1.1, and
Safari 6.2.1: https://support.apple.com/en-us/HT6596

Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 may be obtained from the
Mac App Store.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222...
Categories:

Bugtraq: [slackware-security] pidgin (SSA:2014-344-05)

Security Focus Latest Security Advisories - December 11, 2014 - 1:00pm
[slackware-security] pidgin (SSA:2014-344-05)
Categories:

[SECURITY] [DSA 3098-1] graphviz security update

BugTraq Latest Security Advisories - December 11, 2014 - 12:31pm

Posted by Salvatore Bonaccorso on Dec 11

-------------------------------------------------------------------------
Debian Security Advisory DSA-3098-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
December 11, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : graphviz
CVE ID : CVE-2014-9157
Debian Bug :...
Categories:

[SECURITY] [DSA 3097-1] unbound security update

BugTraq Latest Security Advisories - December 11, 2014 - 5:52am

Posted by Yves-Alexis Perez on Dec 11

-------------------------------------------------------------------------
Debian Security Advisory DSA-3097-1 security () debian org
http://www.debian.org/security/ Yves-Alexis Perez
December 10, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : unbound
CVE ID : CVE-2014-8602
Debian Bug :...
Categories:

[slackware-security] openssh (SSA:2014-344-03)

BugTraq Latest Security Advisories - December 11, 2014 - 5:43am

Posted by Slackware Security Team on Dec 11

[slackware-security] openssh (SSA:2014-344-03)

New openssh packages are available for Slackware 14.0, 14.1, and -current.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/openssh-6.7p1-i486-2_slack14.1.txz: Rebuilt.
Restored support for tcpwrappers that was dropped by upstream.
Thanks to mancha.
+--------------------------+

Where to find the new packages:...
Categories:

[slackware-security] wpa_supplicant (SSA:2014-344-07)

BugTraq Latest Security Advisories - December 11, 2014 - 5:34am

Posted by Slackware Security Team on Dec 11

[slackware-security] wpa_supplicant (SSA:2014-344-07)

New wpa_supplicant packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/wpa_supplicant-2.3-i486-1_slack14.1.txz: Upgraded.
This update fixes a remote command-execution vulnerability caused by a
failure to adequately sanitize user-supplied input....
Categories:

next-20141211: linux-next

Linux Kernel Updates - December 11, 2014 - 5:34am
Version:next-20141211 (linux-next) Released:2014-12-11

Bugtraq: [slackware-security] openvpn (SSA:2014-344-04)

Security Focus Latest Security Advisories - December 11, 2014 - 5:30am
[slackware-security] openvpn (SSA:2014-344-04)
Categories:

[slackware-security] mozilla-firefox (SSA:2014-344-02)

BugTraq Latest Security Advisories - December 11, 2014 - 5:25am

Posted by Slackware Security Team on Dec 11

[slackware-security] mozilla-firefox (SSA:2014-344-02)

New mozilla-firefox packages are available for Slackware 14.1 to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-31.3.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

[slackware-security] pidgin (SSA:2014-344-05)

BugTraq Latest Security Advisories - December 11, 2014 - 5:16am

Posted by Slackware Security Team on Dec 11

[slackware-security] pidgin (SSA:2014-344-05)

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, and -current.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/pidgin-2.10.11-i486-1_slack14.1.txz: Upgraded.
This update contains login fixes for MSN and some XMPP servers.
+--------------------------+

Where to find the new packages:...
Categories:

[slackware-security] bind (SSA:2014-344-01)

BugTraq Latest Security Advisories - December 11, 2014 - 5:08am

Posted by Slackware Security Team on Dec 11

[slackware-security] bind (SSA:2014-344-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/bind-9.9.6_P1-i486-1_slack14.1.txz: Upgraded.
This update fixes a security issue where a failure to place limits on
delegation chaining can allow an attacker to crash BIND or cause...
Categories:

[slackware-security] seamonkey (SSA:2014-344-06)

BugTraq Latest Security Advisories - December 11, 2014 - 4:59am

Posted by Slackware Security Team on Dec 11

[slackware-security] seamonkey (SSA:2014-344-06)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/seamonkey-2.31-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:...
Categories:

[slackware-security] openvpn (SSA:2014-344-04)

BugTraq Latest Security Advisories - December 11, 2014 - 4:50am

Posted by Slackware Security Team on Dec 11

[slackware-security] openvpn (SSA:2014-344-04)

New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/openvpn-2.3.6-i486-1_slack14.1.txz: Upgraded.
This update fixes a security issue that allows remote authenticated
users to cause a denial of service (server crash) via a small...
Categories: