BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[slackware-security] mozilla-thunderbird (SSA:2014-320-01)

November 17, 2014 - 7:19am

Posted by Slackware Security Team on Nov 17

[slackware-security] mozilla-thunderbird (SSA:2014-320-01)

New mozilla-thunderbird packages are available for Slackware 14.1 to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-31.2.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

[SECURITY] [DSA 3073-1] libgcrypt11 security update

November 17, 2014 - 5:13am

Posted by Salvatore Bonaccorso on Nov 17

-------------------------------------------------------------------------
Debian Security Advisory DSA-3073-1                security () debian org
http://www.debian.org/security/                      Salvatore Bonaccorso
November 16, 2014                      http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libgcrypt11
CVE ID : CVE-2014-5270

Daniel Genkin,...

[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information

November 17, 2014 - 12:18am

Posted by security-alert on Nov 17

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04501908

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04501908
Version: 1

HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server
(iCAS) running OpenSSL, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as...

CVE-2014-8683 XSS in Gogs Markdown Renderer

November 17, 2014 - 12:05am

Posted by Timo Schmid on Nov 17

XSS in Gogs Markdown Renderer
=============================
Researcher: Timo Schmid <tschmid () ernw de>

Description
===========
Gogs (Go Git Service) is a painless self-hosted Git Service written in
Go. (taken from [1])

It is very similar to the GitHub hosting platform. Multiple users can
create multiple repositories and share code with others with the git
version control system. Repositories can be marked as public or private
to...

CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

November 16, 2014 - 11:56pm

Posted by Timo Schmid on Nov 17

Unauthenticated SQL Injection in Gogs repository search
=======================================================
Researcher: Timo Schmid <tschmid () ernw de>

Description
===========
Gogs (Go Git Service) is a painless self-hosted Git Service written in
Go. (taken from [1])

It is very similar to the GitHub hosting platform. Multiple users can
create multiple repositories and share code with others with the git
version control system....