[SECURITY] [DSA 4610-1] webkit2gtk security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4610-1 secur...@debian.org https://www.debian.org/security/ Alberto Garcia January 29, 2020

APPLE-SA-2020-1-29-1 iCloud for Windows 7.17

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-29-1 iCloud for Windows 7.17 iCloud for Windows 7.17 addresses the following: ImageIO Available for: Windows 7 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An

APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2 iCloud for Windows 10.9.2 is now available and addresses the following: ImageIO Available for: Windows 10 and later via the Microsoft Store Impact: Processing a maliciously crafted image may lead to

[SECURITY] [DSA 4611-1] opensmtpd security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4611-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 29, 2020

FreeBSD Security Advisory FreeBSD-SA-20:02.ipsec

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-20:02.ipsec Security Advisory The FreeBSD Project Topic:

FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-20:01.libfetch Security Advisory The FreeBSD Project Topic:

APPLE-SA-2020-1-28-3 watchOS 6.1.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-28-3 watchOS 6.1.2 watchOS 6.1.2 is now available and addresses the following: AnnotationKit Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or

APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1 iOS 13.3.1 and iPadOS 13.3.1 are now available and address the following: Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation

APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address the

FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-20:03.thrmiscSecurity Advisory The FreeBSD Project Topic:

APPLE-SA-2020-1-28-5 Safari 13.0.5

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-28-5 Safari 13.0.5 Safari 13.0.5 is now available and addresses the following: Safari Available for: macOS Mojave and macOS High Sierra, and included in macOS Catalina Impact: Visiting a malicious website may lead to address bar

APPLE-SA-2020-1-28-4 tvOS 13.3.1

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-28-4 tvOS 13.3.1 tvOS 13.3.1 is now available and addresses the following: Audio Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with system privileges Description: A memory

APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4 iTunes for Windows 12.10.4 is now available and addresses the following: Mobile Device Service Available for: Windows 7 and later Impact: A user may gain access to protected parts of the file system

Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong)

Hi @ll, (a long[er] form of the following advisory is available at ) With Windows 10 1607, Microsoft introduced the /DEPENDENTLOADFLAG linker option, a security feature to restrict or limit the search path for DLLs: | On supported operating

LPE and RCE in OpenSMTPD (CVE-2020-7247)

Qualys Security Advisory LPE and RCE in OpenSMTPD (CVE-2020-7247) == Contents == Summary Analysis Exploitation Acknowledgments