Feed aggregator

3.14.77: longterm

Linux Kernel Updates - August 20, 2016 - 4:53am
Version:3.14.77 (longterm) Released:2016-08-20 Source:linux-3.14.77.tar.xz PGP Signature:linux-3.14.77.tar.sign Patch:patch-3.14.77.xz (Incremental) ChangeLog:ChangeLog-3.14.77

Vuln: WordPress CVE-2016-6897 Cross Site Request Forgery Vulnerability

Security Focus Latest Security Advisories - August 19, 2016 - 11:00pm
WordPress CVE-2016-6897 Cross Site Request Forgery Vulnerability
Categories:

Horizontal Privilege Escalation/Code Injection in ownCloud’s Windows Client

BugTraq Latest Security Advisories - August 19, 2016 - 6:22am

Posted by Florian Bogner on Aug 19

Horizontal Privilege Escalation/Code Injection in ownCloud’s Windows Client

Metadata
===================================================
Release Date: 17-08-2016
Author: Florian Bogner @ Kapsch BusinessCom AG (https://www.kapsch.net/kbc)
Affected versions: up to ownCloud's Desktop client version 2.2.2
Tested on: Windows 7 64 bit
CVE : pending
URL: https://bogner.sh/2016/08/horizontal-privilege-escalation-in-ownclouds-windows-client/...
Categories:

[CVE-2016-6582] Doorkeeper gem does not revoke tokens & uses wrong auth/auth method

BugTraq Latest Security Advisories - August 19, 2016 - 6:13am

Posted by Justin Bull on Aug 19

Good evening everyone,

A security bulletin for all of you.

Software:
--------
Doorkeeper (https://github.com/doorkeeper-gem/doorkeeper)

Description:
----------
Doorkeeper is an OAuth 2 provider for Rails written in Ruby.

Affected Versions:
---------------
1.2.0 - 4.1.0 (all versions but latest patch supporting token revocation)

Fixed Versions:
-------------
4.2.0 or apply this commit[0]

Problem:
--------
Doorkeeper failed to implement OAuth...
Categories:

Bugtraq: [SYSS-2016-055] QNAP QTS - OS Command Injection

Security Focus Latest Security Advisories - August 19, 2016 - 5:00am
[SYSS-2016-055] QNAP QTS - OS Command Injection
Categories:

Bugtraq: [SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting

Security Focus Latest Security Advisories - August 19, 2016 - 5:00am
[SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting
Categories:

next-20160819: linux-next

Linux Kernel Updates - August 18, 2016 - 11:08pm
Version:next-20160819 (linux-next) Released:2016-08-19