-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3937-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 12, 2017
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] mercurial (SSA:2017-223-03)
New mercurial packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--+
patches
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3940-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 13, 2017
# Vulnerability type: Multiple Stored Cross Site Scripting
# Vendor: Quali
# Product: CloudShell
# Affected version: v7.1.0.6508 (Patch 6)
# Patched version: v8 and up
# Credit: Benjamin Lee
# CVE ID: CVE-2017-9767
==
# Overview
Quali Cloud
CVE-2017-9802: Apache Sling XSS vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Sling Servlets Post 2.3.20
Description:
The Javascript method Sling.evalString() uses the javascript `eval`
function to parse input strings, which allows for XSS at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3943-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
August 14, 2017