JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

Bitly Developing Two Factor Authentication Following Compromise

The link-shortening service Bitly announced late last week that it’s ramping up its development of two-factor authentication following a compromise that leaked user information on Thursday. The breach, first discovered Thursday morning, spilled users’ email addresses, encrypted salted and hashed...

[SECURITY] Fedora 19 Update: php-5.5.12-1.fc19

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 19 Update: qt5-qtbase-5.2.1-8.fc19

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

Fedora Update for python-django15 FEDORA-2014-5486

Check for the Version of python-django15 OpenVAS Vulnerability Test Fedora Update for python-django15 FEDORA-2014-5486 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

[SECURITY] Fedora 19 Update: python-django-1.5.6-1.fc19

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 20 Update: python-django14-1.4.11-1.fc20

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 20 Update: python-pillow-2.2.1-4.fc20

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...

[SECURITY] Fedora 20 Update: python-django-1.6.3-1.fc20

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 19 Update: python-pillow-2.0.0-13.gitd1c6db8.fc19

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...

[SECURITY] Fedora 20 Update: python-django15-1.5.6-1.fc20

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

KLA10001 Multiple vulnerabilities in Oracle Java Runtime Environment & Java Development Kit

Multiple serious vulnerabilities have been found in Oracle Java Runtime Environment & Java Development Kit: 5.61, 6.71, 7.51, 8. Malicious use of these vulnerabilities can affect confidentiality, integrity and availability, cause denial of service, obtain sensitive information or overwrite...

The White House and Zero Day Sleight of Hand

The White House wants you to know that it did not know about the OpenSSL Heartbleed vulnerability before you did. The White House also wants you to know that administration officials don’t think stockpiling zero days isn’t necessarily good for national security. That’s all well and good, except...

New NIST AppVet Aims to Streamline Application Security

Apple and Google put developers’ apps through a relatively vigorous screening process before they make their way into their respective app stores. Now developers who produce apps intended for use on internal networks at government agencies can get a vetting process of their own. The National...

USN-2169-1: Django vulnerabilities

Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse function. An attacker could use this issue to cause Django to import arbitrary modules from the Python path, resulting in possible code execution. CVE-2014-0472 Paul McMillan discovered that Django...

SAP Sybase SQL Anywhere OpenSSL TLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 SAP Sybase SQL Anywhere是一套全面的解决方案,它提供了数据管理、同步和数据交换技术,可快速在远程和移动环境中开发并配置数据库驱动的应用程序。 SAP Sybase SQL Anywhere所绑定的OpenSSL存在安全漏洞，OpenSSL处理TLS”心跳“扩展存在一个边界错误，允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥，用户名密码等。 0 SAP Sybase SQL Anywhere 12.x SAP Sybase SQL Anywhere 16.x SAP Sybase SQL...

OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...

JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

OpenJDK: insufficient security checks (JAXWS, 8017505)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS...

OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect...