[SECURITY] Fedora 22 Update: slapi-nis-0.54.2-1.fc22

This package provides two plugins for Red Hat and 389 Directory Server. The NIS Server plugin allows the directory server to act as a NIS server for clients, dynamically generating and updating NIS maps according to its configuration and the contents of the DIT, and serving the results to clients...

Fedora 22 : ca-certificates-2015.2.3-1.0.fc22 (2015-4722)

This is an update to the set of CA certificates released with NSS version 3.18 However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details. If you prefer to use the unchanged list provided by Mozilla, an...

Scientific Linux Security Update : ipa and slapi-nis on SL7.x x86_64 (20150326)

The ipa component provides centrally managed Identity, Policy, and Audit. The slapi-nis component provides NIS Server and Schema Compatibility plug- ins for Directory Server. It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling...

Debian DLA-92-1 : tomcat-native security followup update

This is an upgrade from tomcat-native 1.1.20 the version previously available in squeeze to 1.1.31, the full list of changes between these versions can be seen in the upstream changelog, which is available online at http://tomcat.apache.org/native-doc/miscellaneous/changelog.html This update itse...

Web Application Bruteforcer: 0d1n

0d1n is a Open Source web application bruteforcer and Fuzzer. If your objective is automate exhaustive tests and search for anomalies read vulnerabilities 0d1n can increase your productivity following web parameters, files, directories, forms and other things. With 0d1n you can brute force...

glibc, nscd security update

CentOS Errata and Security Advisory CESA-2015:0327 Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS bas...

Yahoo Previews End To End Email Encryption

Following up on a promise it made during last summer’s Black Hat, Yahoo on Sunday said it’s on track to deliver end-to-end encryption for its email users this year. And to that end, it released the early source code for the Yahoo encryption browser extension to GitHub. Chief information security...

[SECURITY] Fedora 22 Update: compat-libuv010-0.10.34-1.fc22

Compatibility libuv library for nodejs 0.10.x...

Memory corruption

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 Gold and SP1, Web Applications 2010 SP...

Maligno v2.0 - Metasploit Payload Server

Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission. Maligno also comes with a client tool, which...

Fedora 22 : csync2-1.34-15.fc22 / duplicity-0.6.25-3.fc22 / librsync-1.0.0-1.fc22 / etc (2015-2923)

Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...

TextSecure to Drop Support for Encrypted SMS

Open Whisper Systems is phasing out support for encrypted SMS and MMS messages in its TextSecure messaging product. The move does not spell the end for encrypted messaging for users of the Android app, as the company plans to switch to its own transport protocol to address some of the security an...

Moderate: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Android Wear App for iPhone and iPad compatibility may Launch Soon

As you may be aware, you need an Android smartphone to use an Android Wear smartwatch, but if you carry an Apple iPhone or iPad, you’ll soon be able to use the same Android Wear smartwatch, without relying on unofficial third-party app support. Google is reportedly going to release its a new iOS...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3032328)

This host is missing an important security update according to Microsoft Bulletin MS15-012. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Creaking Patch Tuesday's Viability Rests with Quality, Speed

Today is Patch Tuesday, the 11-year-old procession of security bulletins from Microsoft streamed out automatically to consumers of Windows Update, and pulled en masse by enterprise admins worldwide needing to test each for compatibility. This is how it’s been done since shortly after Bill Gates’...

PT-2015-4438 · Microsoft · Office Compatibility Pack +3

Name of the Vulnerable Software and Affected Versions: Microsoft Excel versions 2007 SP3 through 2013 Gold, SP1, and RT Excel Viewer Office Compatibility Pack SP3 Office 2010 SP2 Description: A remote code execution issue exists due to improper handling of objects in memory while parsing speciall...

SUMo - Software Update Monitor

SUMo S oftware U pdate Mo nitor keeps your PC up-to-date & safe by using the most recent version of your favorite software ! Unlike built-in auto update features, SUMo tells you if updates are available before you need to use your software. Features Automatic detection of installed software Detec...

Debian DSA-3140-1 : xen - security update

Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation. - CVE-2014-8594 Roger Pau Monne and Jan Beulich discovered that incomplete restrictions on MMU update hypercalls may result in...

Debian Security Advisory DSA 3140-1 (xen - security update)

Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation. CVE-2014-8594 Roger Pau Monne and Jan Beulich discovered that incomplete restrictions on MMU update hypercalls may result in...