[SECURITY] Fedora 18 Update: nodejs-npmconf-0.1.1-1.fc18

If you are interested in interacting with the config settings that npm uses, then use this module. However, if you are writing a new Node.js program, and want configuration functionality similar to what npm has, but for your own thing, then the author recommends rc. This module is for compatibili...

[SECURITY] Fedora 18 Update: nodejs-child-process-close-0.1.1-2.fc18

This module makes child process objects, created with spawn, fork, exec or execFile emit the close event in node v0.6 like they do in node v0.8. This makes it easier to write code that works correctly on both versions of node...

[SECURITY] Fedora 18 Update: nodejs-inherits1-1.0.0-11.fc18

A tiny simple way to do classic inheritance in JavaScript. This is the legacy version used by many Node.js modules for many years, and is retained for backward compatibility. New modules should use the inheritance functionality available in core Node.js or use the new version of inherits if they...

Oracle Linux 4 : kernel (ELSA-2010-0718)

From Red Hat Security Advisory 2010:0718 : Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whi...

Fedora 18 : ReviewBoard-1.7.11-1.fc18 (2013-11646)

New upstream release 1.7.11 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.11/ - Bug Fixes : - Fixed compatibility with Python 2.5 - Fixed the drop-down arrow by Support and the account name on older versions of Internet Explorer - New upstream release 1.7.10 -...

Oracle Linux 6 : rsyslog (ELSA-2012-0796)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0796 advisory. 5.8.10-2 - add patch to update information on debugging in the man page Resolves: 820311 - add patch to prevent debug output to stdout after forking Resolves:...

Oracle Linux 4 : firefox (ELSA-2010-0500)

From Red Hat Security Advisory 2010:0500 : An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having...

Updated kernel packages fix multiple security vulnerabilities

This kernel update provides the extended stable 3.8.13.4 kernel and fixes the follwing security issues: The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to...

apache-cxf: XML encryption backwards compatibility attacks

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...

MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 (wmvdmod.dll), and for Windows Media Player 11 and 12: July 9, 2013

None None...

DSA-2720-1 icedove - several

Bulletin has no description...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7954 / 7959 / 7960)

The SUSE Linux Enterprise 11 Service Pack 2 kernel was respun with the 3.0.80 update to fix a severe compatibility problem with kernel module packages KMPs like e.g. drbd. An incompatible ABI change could lead to those modules not correctly working or crashing on loading and is fixed by this...

apache-cxf: XML encryption backwards compatibility attacks

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...

Mac OS X : Java for OS X 2013-004

The remote Mac OS X 10.7 or 10.8 host has a Java runtime that is missing the Java for OS X 2013-004 update, which updates the Java version to 1.6.051. It is, therefore, affected by multiple security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary...

apache-cxf: XML encryption backwards compatibility attacks

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...

apache-cxf: XML encryption backwards compatibility attacks

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...

Important: Red Hat Security Advisory: mesa security update

Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

[SECURITY] [DSA 2699-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2699-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 02, 2013 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2699-1 (iceweasel - several vulnerabilities)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, missing input sanitising vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors may lead to the execution of arbitrary...

Fedora 17 : kdelibs3-3.5.10-53.fc17 (2013-8689)

This update fixes a low-impact security issue in the KDE 3 compatibility kdelibs3 version of kiohttp where it would print passwords contained in HTTP URLs in error and debugging messages CVE-2013-2074. Note that Tenable Network Security has extracted the preceding description block directly from...