[SECURITY] [DSA 3027-1] libav security update

2014-09-19 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3027-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 17, 2014

[SECURITY] [DSA 3028-1] icedove security update

2014-09-19 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3028-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 17, 2014

CVE ID Syntax Change - Deadline Approaching

2014-09-19 Thread Christey, Steven M.
As we approach the end of 2014, CVE identifiers are getting closer and closer to the magic CVE-2014- mark, which means that MITRE will be issuing a 5-digit CVE ID within a matter of months, in accordance with the new syntax that was selected in 2013 (basically using 5, 6, or even more digits

APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1

2014-09-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 Safari 6.2 and Safari 7.1 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: An attacker with a privileged network position

APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004

2014-09-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004 OS X Mavericks 10.9.5 and Security Update 2014-004 are now available and address the following: apache_mod_php Available for: OS X Mavericks 10.9 to 10.9.4 Impact: Multiple

APPLE-SA-2014-09-17-5 OS X Server 3.2.1

2014-09-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 APPLE-SA-2014-09-17-5 OS X Server 3.2.1 OS X Server 3.2.1 is now available and addresses the following: CoreCollaboration Available for: OS X Mavericks v10.9.5 or later Impact: A remote attacker may be able to execute arbitrary SQL queries

APPLE-SA-2014-09-17-6 OS X Server 2.2.3

2014-09-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 APPLE-SA-2014-09-17-6 OS X Server 2.2.3 OS X Server 2.2.3 is now available and addresses the following: CoreCollaboration Available for: OS X Mountain Lion v10.8.5 Impact: A remote attacker may be able to execute arbitrary SQL queries Description:

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw

2014-09-19 Thread VSR Advisories
hope that it will help promote public safety. This advisory comes with absolutely NO WARRANTY; not even the implied warranty of merchantability or fitness for a particular purpose. Neither Virtual Security Research, LLC nor the author accepts any liability for any direct, indirect, or

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw

2014-09-19 Thread VSR Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ Advisory Name: Apple Foundation NSXMLParser XML eXternal Entity (XXE)

Oracle Corporation MyOracle - Persistent Vulnerability

2014-09-19 Thread Vulnerability Lab
Document Title: Oracle Corporation MyOracle - Persistent Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1261 Oracle Security ID (Team Tracking ID): ad...@vulnerability-lab.com-001:2014

APPLE-SA-2014-09-17-7 Xcode 6.0.1

2014-09-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 APPLE-SA-2014-09-17-7 Xcode 6.0.1 Xcode 6.0.1 is now available and addresses the following: subversion Available for: OS X Mavericks v10.9.4 or later Impact: A malicious attacker may be able to cause Subversion to terminate unexpectedly

CVE ID Syntax Change - Deadline Approaching

2014-09-19 Thread Christey, Steven M.
As we approach the end of 2014, CVE identifiers are getting closer and closer to the magic CVE-2014- mark, which means that MITRE will be issuing a 5-digit CVE ID within a matter of months, in accordance with the new syntax that was selected in 2013 (basically using 5, 6, or even more digits

AST-2014-009: Remote crash based on malformed SIP subscription requests

2014-09-19 Thread Asterisk Security Team
Asterisk Project Security Advisory - AST-2014-009 Product: Asterisk Summary: Remote crash based on malformed SIP subscription requests

AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations

2014-09-19 Thread Asterisk Security Team
Asterisk Project Security Advisory - AST-2014-010 Product: Asterisk Summary: Remote crash when handling out of call message in certain dialplan configurations

[SECURITY] [DSA 3025-2] apt regression update

2014-09-19 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3025-2 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 18, 2014

Re: Multiple Vulnerabilities with Aztech Modem Routers

2014-09-19 Thread Federick Joe P Fajardo
The following CVEs have been assigned for these issues: CVE-2014-6435 - Potential DoS attack Link to OSVDB ID: 111432 - http://osvdb.org/show/osvdb/111432 CVE-2014-6436 - Broken Session Management Link to OSVDB ID: 111433 - http://osvdb.org/show/osvdb/111433 CVE-2014-6437 - File and Data