[security bulletin] HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.

2018-01-09 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03805en_us Version: 4

[SECURITY] [DSA 4082-1] linux security update

2018-01-09 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4082-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 09, 2018

CVE-2017-17485: one more way of rce in jackson-databind when defaultTyping+objects are used

2018-01-09 Thread Imre Rad
Jackson-databind is a popular library in Java for JSON marshalling/unmarshalling. It has a feature called default-typing: when the target class has some polymorphic fields inside (such as interfaces, abstract classes or the Object base class), the library can include type info into the JSON

[SECURITY] [DSA 4080-1] php7.0 security update

2018-01-09 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4080-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018

[slackware-security] irssi (SSA:2018-008-01)

2018-01-09 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] irssi (SSA:2018-008-01) New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog:

[SECURITY] [DSA 4081-1] php5 security update

2018-01-09 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4081-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018

Response to Meltdown and Spectre

2018-01-09 Thread Gordon Tetlow
By now, we're sure most everyone has heard of the Meltdown and Spectre attacks. If not, head over to https://meltdownattack.com/ and get an overview. Additional technical details are available from Google Project Zero.