Updated fail2ban packages fix security issues

An update to fail2ban 0.8.13 has been released to fix security issues, amongst other bugfixes. fail2ban versions prior to 0.8.11 would allow a remote unauthenticated attacker to cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services...

[SECURITY] Fedora 19 Update: squid-3.3.12-1.fc19

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

Faceless: Blocking yourself

I dont know if it's eligible but it is a bug that you can block your self in Faceless. Procedure: I made a post then I comment in that post then I hold the comment I made and there's a new window prompted and I block myself and another prompt saying that "You will no longer recieve messages from...

[SECURITY] Fedora 20 Update: squid-3.3.12-1.fc20

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

Google DNS Intercepted in Turkey

Internet service providers in Turkey have been intercepting traffic to Google’s DNS servers and redirecting it, shutting off a workaround that Turkish users had employed to get to sites such as Twitter and YouTube after the government had blocked them. Google software engineers said they had...

Debian DSA-2891-1 : mediawiki, mediawiki-extensions Multiple Vulnerabilities

The remote Debian host is missing a security update. It is, therefore, affected by multiple vulnerabilities in MediaWiki : - A cross-site scripting XSS vulnerability exists due to a failure to validate input before returning it to the user. An unauthenticated, remote attacker can exploit this, vi...

ES7 async functions

They're brilliant. They're brilliant and I want laws changed so I can marry them. Update: This feature is now shipping in browsers. I've written a more up-to-date and in-depth guide. Async with promises In the HTML5Rocks article on promises, the final example show how you'd load some JSON data fo...

Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies

Could a perfectly innocent looking device like router, TV set-top box or security cameras can mine Bitcoins? YES! Hackers will not going to spare the Smart Internet-enabled devices. A Linux worm named Linux.Darlloz, earlier used to target Internet of Things IoT devices, i.e. Home Routers, Set-top...

MGASA-2014-0124 Updated mediawiki packages fix multiple vulnerabilities

Updated mediawiki packages fix security vulnerabilities: MediaWiki before 1.22.3 does not block unsafe namespaces, such as a W3C XHTML namespace, in uploaded SVG files. Some client software may use these namespaces in a way that results in XSS. This was fixed by disallowing uploading SVG files...

Blocking NTP access on Gaia OS / IPSO OS (CVE-2013-5211)

...

SuSE Update for chromium openSUSE-SU-2014:0243-1 (chromium)

Check for the Version of chromium OpenVAS Vulnerability Test $Id: gbsuse201402431.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for chromium openSUSE-SU-2014:0243-1 chromium Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

CVE-2013-7176

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

Design/Logic Flaw

config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

Design/Logic Flaw

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

UBUNTU-CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...

CVE-2013-7176

CVE-2013-7176 affects Fail2ban, where config/filter.d/postfix.conf in the Fail2ban filter could allow a remote attacker to trigger an IP ban on an arbitrary address via a crafted email address due to an improperly designed regular expression. The issue is addressed in Debian security advisories w...

CVE-2013-7177

config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression...