-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c05068681
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05068681
Version: 1
HPSBGN03569
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] mozilla-thunderbird (SSA:2016-095-01)
New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability
EMC Identifier: ESA-2016-034
CVE Identifier: CVE-2016-0888
Severity Rating: CVSS v3 Base Score: 8.8(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected products:
Documentum D2
Hello All,
Those concerned about security of IBM Java [1] may find this post
interesting.
We discovered that a fix for a security vulnerability (Issue 67)
[2] we reported to the company in May 2013 didn't address the
problem properly.
This is the 6th instance of a broken patch we encountered
An invalid write may occur in optipng before version 0.7.6 while
processing bitmap images due to `crt_row' being (inc|dec)remented
without any boundary checking when encountering delta escapes.
optipng-0.7.5/src/pngxtern/pngxrbmp.c:
,
| 210 static size_t
| 211 bmp_read_rows(png_bytepp
[Systems Affected]
Product : ManageEngine Password Manager Pro
Company : ZOHO Corp.
Build Number : 8.1 to 8.3 and probably earlier versions
Affected Versions : 8102 to 8302 and probably earlier versions
[Product Description]
Password Manager Pro is a secure vault for storing and
Document Title:
===
FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename)
Persistent Web Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1687
Fortinet PSIRT ID: 1624561
Release Date:
=
Document Title:
===
Techsoft Web Solutions CMS (2016 Q2) - SQL Injection Web Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1810
Release Date:
=
2016-04-04
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Wordpress Scoreme Theme - Client Side Cross Site Scripting Web Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1808
Release Date:
=
2016-04-01
Vulnerability Laboratory ID (VL-ID):
Description:
A vulnerability in the file upload feature allows attackers to send
malicious csv files. By using the Microsoft Excel DDE function an
attacker can launch arbritary commands on the victims system.
Many companies don't allow xslx or docx files to be uploaded by
security testers,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3540-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 03, 2016
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3539-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
April 02, 2016
Product: Open-Xchange Server 6 / OX AppSuite
Vendor: Open-Xchange GmbH
Internal reference: 44409 (Bug ID)
Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.8.0 and earlier
Vulnerable component: backend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c05068676
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05068676
Version: 1
HPSBGN03565
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] mercurial (SSA:2016-092-01)
New mercurial packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] php (SSA:2016-092-02)
New php packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04920918
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04920918
Version: 3
HPSBHF03431
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c05054964
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05054964
Version: 1
HPSBUX03561
18 matches
Mail list logo