[slackware-security] blueman (SSA:2015-356-01)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] blueman (SSA:2015-356-01) New blueman packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--+

Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

Hi @ll, F-Secure's online virus scanner F-SecureOnlineScanner.exe, available via , loads and executes several rogue/bogus DLLs (UXTheme.dll, HNetCfg.dll, RASAdHlp.dll, SetupAPI.dll, ClbCatQ.dll, XPSP2Res.dll, CryptNet.dll, OLEAcc.dll

[SECURITY] [DSA 3430-1] libxml2 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3430-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2015

ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability EMC Identifier: ESA-2015-179 CVE Identifier: CVE-2015-6852 Severity Rating: CVSS v2 Base Score: 5.5 (AV:A/AC:L/Au:S/C:C/I:N/A:N) Affected products: EMC

Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16

Summary === Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * Unfiltered HTML injected into a dependency graph could be used to create a cross-site scripting attack. * Some web