Feed aggregator

next-20160502: linux-next

Linux Kernel Updates - May 2, 2016 - 3:36am
Version: next-20160502 (linux-next) Released: 2016-05-02

[slackware-security] subversion (SSA:2016-121-01)

BugTraq Latest Security Advisories - May 2, 2016 - 3:08am

Posted by Slackware Security Team on May 02

[slackware-security] subversion (SSA:2016-121-01)

New subversion packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/subversion-1.7.22-i486-2_slack14.1.txz: Rebuilt.
This update patches two security issues:
CVE-2016-2167: svnserve/sasl may authenticate users using the wrong realm.
CVE-2016-2168:...

[slackware-security] php (SSA:2016-120-02)

BugTraq Latest Security Advisories - May 2, 2016 - 3:00am

Posted by Slackware Security Team on May 02

[slackware-security] php (SSA:2016-120-02)

New php packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.6.21-i486-1_slack14.1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.21...

[slackware-security] ntp (SSA:2016-120-01)

BugTraq Latest Security Advisories - May 2, 2016 - 2:52am

Posted by Slackware Security Team on May 02

[slackware-security] ntp (SSA:2016-120-01)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/ntp-4.2.8p7-i486-1_slack14.1.txz: Upgraded.
This release patches several low and medium severity security issues:
CVE-2016-1551: Refclock impersonation vulnerability, AKA:...

[security bulletin] HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution

BugTraq Latest Security Advisories - May 2, 2016 - 2:41am

Posted by security-alert on May 02

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04989404
Version: 3

HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion
Eucalyptus Components using glibc, Remote Arbitrary Code Execution

NOTICE: The information in this Security Bulletin should be acted...

Bugtraq: [SECURITY] [DSA 3561-1] subversion security update

[SECURITY] [DSA 3561-1] subversion security update

Bugtraq: SQL Injection in GLPI

SQL Injection in GLPI

Bugtraq: Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

Bugtraq: Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream

Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream

4.6-rc6: mainline

Linux Kernel Updates - May 1, 2016 - 5:52pm
Version: 4.6-rc6 (mainline) Released: 2016-05-01 Source: linux-4.6-rc6.tar.xz PGP Signature: linux-4.6-rc6.tar.sign Patch: patch-4.6-rc6.xz

3.16.35: longterm

Linux Kernel Updates - April 30, 2016 - 5:08pm
Version: 3.16.35 (longterm) Released: 2016-04-30 Source: linux-3.16.35.tar.xz PGP Signature: linux-3.16.35.tar.sign Patch: patch-3.16.35.xz

3.16.35: stable

Linux Kernel Updates - April 30, 2016 - 5:08pm
Version: 3.16.35 (stable) Released: 2016-04-30 Source: linux-3.16.35.tar.xz PGP Signature: linux-3.16.35.tar.sign Patch: patch-3.16.35.xz

3.2.80: longterm

Linux Kernel Updates - April 30, 2016 - 5:05pm
Version: 3.2.80 (longterm) Released: 2016-04-30 Source: linux-3.2.80.tar.xz PGP Signature: linux-3.2.80.tar.sign Patch: patch-3.2.80.xz (Incremental) ChangeLog: ChangeLog-3.2.80

[SECURITY] [DSA 3561-1] subversion security update

BugTraq Latest Security Advisories - April 29, 2016 - 8:44am

Posted by Salvatore Bonaccorso on Apr 29

-------------------------------------------------------------------------
Debian Security Advisory DSA-3561-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 29, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : subversion
CVE ID : CVE-2016-2167 CVE-2016-2168...

Bugtraq: [security bulletin] HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote Denial of Service (DoS)

Security Focus Latest Security Advisories - April 29, 2016 - 8:00am
[security bulletin] HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote Denial of Service (DoS)

SQL Injection in GLPI

BugTraq Latest Security Advisories - April 29, 2016 - 5:54am

Posted by High-Tech Bridge Security Research on Apr 29

Advisory ID: HTB23301
Product: GLPI
Vendor: INDEPNET
Vulnerable Version(s): 0.90.2 and probably prior
Tested Version: 0.90.2
Advisory Publication: April 8, 2016 [without technical details]
Vendor Notification: April 8, 2016
Vendor Patch: April 11, 2016
Public Disclosure: April 29, 2016
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: High
CVSSv3 Base Score: 7.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Solution Status: Fixed by...

Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

BugTraq Latest Security Advisories - April 29, 2016 - 5:43am

Posted by Vulnerability Lab on Apr 29

Document Title:
===============
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1839

Release Date:
=============
2016-04-29

Vulnerability Laboratory ID (VL-ID):
====================================
1839

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:...

Bugtraq: CVE-2016-3078: php: integer overflow in ZipArchive::getFrom*

Security Focus Latest Security Advisories - April 29, 2016 - 4:00am
CVE-2016-3078: php: integer overflow in ZipArchive::getFrom*

Bugtraq: [SECURITY] [DSA 3560-1] php5 security update

Security Focus Latest Security Advisories - April 29, 2016 - 4:00am
[SECURITY] [DSA 3560-1] php5 security update

next-20160429: linux-next

Linux Kernel Updates - April 29, 2016 - 2:10am
Version: next-20160429 (linux-next) Released: 2016-04-29