guile2 -- multiple vulnerabilities

Ludovic Courtès reports: The REPL server is vulnerable to the HTTP inter-protocol attack The ‘mkdir’ procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process’ umask to zero. During that time window, in a multithreaded application, other threads...

Phire CMS 2.0.0 Cross Site Scripting

Title Phire CMS HTTP Request POST /phirecms/phire/config HTTP/1.1 Headers: ... Post Data: datetimeformat=&datetimeformatcustom=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E&pagination=25&systemtheme=default&submit=Save HTTP Response...

[SECURITY] Fedora 23 Update: python-2.7.11-8.fc23

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...

[SECURITY] Fedora 23 Update: perl-5.22.2-354.fc23

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

Medium: golang

Issue Overview: An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTPPROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTPPROXY" is used by numerous web clients, including Go's...

[SECURITY] Fedora 24 Update: python-2.7.12-2.fc24

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...

Security update for MozillaFirefox, mozilla-nss (important)

Mozilla Firefox was updated to 48.0 to fix security issues, bugs, and deliver various improvements. The following major changes are included: - Process separation e10s is enabled for some users - Add-ons that have not been verified and signed by Mozilla will not load - WebRTC enhancements - The...

[SECURITY] Fedora 24 Update: perl-5.22.2-362.fc24

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

[SECURITY] Fedora 23 Update: golang-1.5.4-2.fc23

The Go Programming Language...

[SECURITY] Fedora 24 Update: golang-1.6.3-1.fc24

The Go Programming Language...

DLA-565-1 perl - security update

Bulletin has no description...

DSA-3628-1 perl - security update

Bulletin has no description...

CVE-2016-5386

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI...

Drupal Security Bypass Vulnerability

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. Drupal has security bypass vulnerabilities that could be exploited by remote attackers to bypass security restrictions...

[SECURITY] Fedora 22 Update: perl-5.20.3-332.fc22

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

[SECURITY] Fedora 24 Update: python-2.7.11-8.fc24

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...

RHEL 7 : ocaml (RHSA-2016:1296)

An update for ocaml is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Perl 5.22 Buffer Overflow Vulnerability

Binary data 802000.prm...

The vulnerability of the libxml2 library and the PHP interpreter allows attackers to trigger a service failure.

The vulnerability of the xslextfunctionphp function ext/xsl/xsltprocessor.c in the libxml2 library and the PHP interpreter is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure dereferencing the null pointer...

CVE-2016-3959

The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service infinite loop via a crafted public key to a program that uses HTTPS client...