Craiglist Gold 'catid' Parameter SQL Injection Vulnerability
CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!
[slackware-security] ruby (SSA:2013-136-02)
[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)
APPLE-SA-2013-05-16-1 iTunes 11.0.3
Posted by Sławomir Jabs on May 17
Everything has a story, everything evolves, adapts to changing circumstances
but does your IT Sec strategy evolve with the development of the digital
Are you willing to gamble on the security of your systems?
Join the upcoming CONFidence conference and meet both renowned speakers and
specialists who deal with the IT security on a daily basis. People like
you, who never stop asking questions and play with risks all the time...
Posted by Slackware Security Team on May 17
[slackware-security] ruby (SSA:2013-136-02)
New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current
to fix a security issue.
Here are the details from the Slackware 14.0 ChangeLog:
This update fixes a security issue in DL and Fiddle included in Ruby where
tainted strings can be used by system calls regardless of the $SAFE...
Posted by Slackware Security Team on May 17
[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)
New mozilla-thunderbird packages are available for Slackware64 13.37 and
14.0. These were accidentally omitted from the last upload.
Here are the details from the Slackware64 14.0 ChangeLog:
Here's the package that was missing from the last batch. The...
Posted by Apple Product Security on May 17
APPLE-SA-2013-05-16-1 iTunes 11.0.3
iTunes 11.0.3 is now available and addresses the following:
Available for: Mac OS X v10.6.8 or later, Windows 7, Vista,
XP SP2 or later
Impact: An attacker in a privileged network position may manipulate
HTTPS server certificates, leading to the disclosure of sensitive
Description: A certificate validation issue existed in iTunes. In
certain contexts, an active network attacker could...
ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability
ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability
[slackware-security] mozilla-thunderbird (SSA:2013-135-02)
[slackware-security] mozilla-firefox (SSA:2013-135-01)
Version: next-20130517 (linux-next) Released: 2013-05-17
OpenStack Keystone Tokens Validation Security Bypass Vulnerability
RETIRED: ownCloud Multiple Security Vulnerabilities
OpenStack Compute (Nova) CVE-2013-2096 Denial of Service Vulnerability
RETIRED: WebKit Multiple Unspecified Memory Corruption Vulnerabilities