[SECURITY] [DSA 3162-1] bind9 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3162-1 secur...@debian.org http://www.debian.org/security/Florian Weimer February 18, 2015

[SECURITY] [DSA 3163-1] libreoffice security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3163-1 secur...@debian.org http://www.debian.org/security/Alessandro Ghedini February 19, 2015

iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...

Hi @ll, the just released iTunes 12.1.1 for Windows still comes with outdated and VULNERABLE 3rd party libraries and vulnerable command lines: In AppleMobileDeviceSupport.msi: * libeay32.dll and ssleay32.dll 0.9.8za from 2014-06-05 The current version is 0.9.8ze and has 21 security fixes

Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames)

Hi @ll, in order to prevent the start of the defunct USENET news client (alias Windows Mail) that Microsoft installs with Windows 7 and later versions of Windows as Microsoft Outlook NewsReader, the installation of all editions of Microsoft Office 2010 which include Microsoft Outlook 2010 as well