Feed aggregator

APPLE-SA-2014-11-17-1 iOS 8.1.1

BugTraq Latest Security Advisories - November 17, 2014 - 11:34pm

Posted by Apple Product Security on Nov 18

APPLE-SA-2014-11-17-1 iOS 8.1.1

iOS 8.1.1 is now available and addresses the following:

CFNetwork
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Website cache may not be fully cleared after leaving private
browsing
Description: A privacy issue existed where browsing data could
remain in the cache after leaving private browsing. This issue was
addressed through a change in caching behavior....

Bugtraq: [slackware-security] mozilla-thunderbird (SSA:2014-320-01)

Security Focus Latest Security Advisories - November 17, 2014 - 11:30pm
[slackware-security] mozilla-thunderbird (SSA:2014-320-01)

Bugtraq: [SECURITY] [DSA 3073-1] libgcrypt11 security update

Security Focus Latest Security Advisories - November 17, 2014 - 11:30pm
[SECURITY] [DSA 3073-1] libgcrypt11 security update

Bugtraq: [security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information

Security Focus Latest Security Advisories - November 17, 2014 - 11:30pm
[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information

Bugtraq: CVE-2014-8683 XSS in Gogs Markdown Renderer

Security Focus Latest Security Advisories - November 17, 2014 - 11:30pm
CVE-2014-8683 XSS in Gogs Markdown Renderer

[slackware-security] mozilla-thunderbird (SSA:2014-320-01)

BugTraq Latest Security Advisories - November 17, 2014 - 7:19am

Posted by Slackware Security Team on Nov 17

[slackware-security] mozilla-thunderbird (SSA:2014-320-01)

New mozilla-thunderbird packages are available for Slackware 14.1 to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-31.2.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

Bugtraq: CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

Security Focus Latest Security Advisories - November 17, 2014 - 6:15am
CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

[SECURITY] [DSA 3073-1] libgcrypt11 security update

BugTraq Latest Security Advisories - November 17, 2014 - 5:13am

Posted by Salvatore Bonaccorso on Nov 17

-------------------------------------------------------------------------
Debian Security Advisory DSA-3073-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
November 16, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libgcrypt11
CVE ID : CVE-2014-5270

Daniel Genkin,...

Bugtraq: Re: CVE-2014-8732

Security Focus Latest Security Advisories - November 17, 2014 - 5:00am
Re: CVE-2014-8732

next-20141117: linux-next

Linux Kernel Updates - November 17, 2014 - 3:59am
Version: next-20141117 (linux-next) Released: 2014-11-17

[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information

BugTraq Latest Security Advisories - November 17, 2014 - 12:18am

Posted by security-alert on Nov 17

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04501908

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04501908
Version: 1

HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server
(iCAS) running OpenSSL, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as...

CVE-2014-8683 XSS in Gogs Markdown Renderer

BugTraq Latest Security Advisories - November 17, 2014 - 12:05am

Posted by Timo Schmid on Nov 17

XSS in Gogs Markdown Renderer
=============================
Researcher: Timo Schmid <tschmid () ernw de>

Description
===========
Gogs(Go Git Service) is a painless self-hosted Git Service written in
Go. (taken from [1])

It is very similar to the github hosting platform. Multiple users can
create multiple repositories and share code with others with the git
version control system. Repositories can be marked as public or private to...

Bugtraq: Re: CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
Re: CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2

Bugtraq: Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731]

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731]

Bugtraq: [SECURITY] [DSA 3050-3] iceweasel security update

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
[SECURITY] [DSA 3050-3] iceweasel security update

Vuln: Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability

Vuln: Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability

Vuln: Moodle CVE-2014-7833 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
Moodle CVE-2014-7833 Information Disclosure Vulnerability

Vuln: cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability

Vuln: cURL/libcURL NTLM connection Remote Security Bypass Vulnerability

Security Focus Latest Security Advisories - November 17, 2014 - 12:00am
cURL/libcURL NTLM connection Remote Security Bypass Vulnerability