[SECURITY] [DSA 2766-1] linux-2.6 security update

2013-09-30 Thread dann frazier
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA-2766-1 secur...@debian.org http://www.debian.org/security/ Dann Frazier September 27, 2013

[ MDVSA-2013:243 ] polkit

2013-09-30 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:243 http://www.mandriva.com/en/support/security/

[IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert

2013-09-30 Thread Alexandro Silva
[ PHP IDNA Convert Cross-site scripting ( XSS ) ] [ Vendor product description ] PHP Net_IDNA is a class to convert between the Punycode and Unicode formats. Punycode is a standard described in RFC 3492 and part of IDNA (Internationalizing Domain Names in Applications [RFC3490]). This class

Linux Kernel Patches For Linux Kernel Security

2013-09-30 Thread geinblues
Hi forks! I release an article for linux kernel security. - http://www.x90c.org/articles/linux_kernel_patches.txt x90c

[slackware-security] seamonkey (SSA:2013-271-01)

2013-09-30 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] seamonkey (SSA:2013-271-01) New seamonkey packages are available for Slackware 14.0 and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--+

[SECURITY] [DSA 27671-1] proftpd-dfsg security update

2013-09-30 Thread Nico Golde
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2767-1 secur...@debian.org http://www.debian.org/security/ Nico Golde September 29, 2013

[CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability

2013-09-30 Thread guillaume
- Affected Vendor: http://metaclassy.com/ - Affected Software: Byword for iOS - Affected Version: 2.x prior to 2.1 - Issue Type: Lack of validation/user confirmation leading to destruction of data - Release Date: 29 Sept 2013 - Discovered by: Guillaume Ross - CVE Identifier: CVE-2013-5725 -

Firefox for Android - Same-origin bypass through symbolic links

2013-09-30 Thread Takeshi Terada
CVE Number: CVE-2013-1727 Vendor Identifier: MFSA 2013-84 Title: Firefox for Android - Same-origin bypass through symbolic links Affected Software: Prior to v24 (confirmed on v14) Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status:

Open-Xchange Security Advisory 2013-09-30

2013-09-30 Thread Martin Braun
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28642 (Bug ID) Vulnerability type: CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page) Vulnerable version: prior to 7.2.2 Vulnerable component: backend Fixed version: 7.0.2-rev16, 7.2.2-rev20

[ MDVSA-2013:244 ] davfs2

2013-09-30 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:244 http://www.mandriva.com/en/support/security/

CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic.

2013-09-30 Thread Dennis Jenkins
Details === Application: HylaFAX+ Version: 5.2.4 (April, 2008) through 5.5.3 (August 6, 2013) Type: Daemon that manages a fax server via an FTP-like protocol. Vendor / Maintainer: Lee Howard (faxguy _at_ howardsilvan.com) Project Homepage:

CFP: WorldCIST'14 - World Conference on IST, at Madeira Island

2013-09-30 Thread Maria Lemos
Apologies if you are receiving this mail more than once... ** WorldCIST'14 The 2014 World Conference on Information Systems and Technologies April 15 - 18, Madeira Island,

iOS: List of available trusted root certificates

2013-09-30 Thread Jeffrey Walton
From iOS: List of available trusted root certificates, http://support.apple.com/kb/HT5012. There's no reason to allow some of this to occur in 2013. As a proxy-relying-party, Apple is responsible for this stuff because users are not allowed to make the decisions or modify the Trust Store. For