-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2015-7521: Apache Hive authorization bug disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Hive 0.13.x
Apache Hive 0.14.x
Apache Hive 1.0.0 - 1.0.1
Apache Hive 1.1.0 - 1.1.1
Apache Hive 1.2.0 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04974114
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04974114
Version: 1
HPSBUX03437
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3482-1 secur...@debian.org
https://www.debian.org/security/ Sebastien Delafond
February 17, 2016
Advisory ID: HTB23284
Product: osCommerce
Vendor: osCommerce
Vulnerable Version(s): 2.3.4 and probably prior
Tested Version: 2.3.4
Advisory Publication: December 21, 2015 [without technical details]
Vendor Notification: December 21, 2015
Public Disclosure: February 17, 2016
Vulnerability Type:
Advisory ID: HTB23289
Product: DOKEOS
Vendor: DOKEOS
Vulnerable Version(s): ce30 and probably prior
Tested Version: ce30
Advisory Publication: January 7, 2016 [without technical details]
Vendor Notification: January 7, 2016
Public Disclosure: February 17, 2016
Vulnerability Type: Improper
Advisory ID: HTB23291
Product: webSPELL
Vendor: webSPELL.org
Vulnerable Version(s): 4.2.4 and probably prior
Tested Version: 4.2.4
Advisory Publication: January 22, 2016 [without technical details]
Vendor Notification: January 22, 2016
Vendor Patch: February 12, 2016
Public Disclosure:
Advisory ID: HTB23288
Product: TestLink
Vendor: TestLink Development Team
Vulnerable Version(s): 1.9.14 and probably prior
Tested Version: 1.9.14
Advisory Publication: January 7, 2016 [without technical details]
Vendor Notification: January 7, 2016
Vendor Patch: January 9, 2016
Public
Advisory ID: HTB23285
Product: osCmax
Vendor: http://oscmax.com/
Vulnerable Version(s): 2.5.4 and probably prior
Tested Version: 2.5.4
Advisory Publication: December 21, 2015 [without technical details]
Vendor Notification: December 21, 2015
Public Disclosure: February 17, 2016
Vulnerability