FreeBSD : FreeBSD -- sendmail improper close-on-exec flag handling (6d9eadaf-6007-11e6-a6c3-14dae9d210b8)

There is a programming error in sendmail8 that prevented open file descriptors have close-on-exec properly set. Consequently a subprocess will be able to access all open files that the parent process have open. Impact : A local user who can execute their own program for mail delivery will be able...

[SECURITY] Fedora 24 Update: python-2.7.12-2.fc24

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...

Security update for MozillaFirefox, mozilla-nss (important)

Mozilla Firefox was updated to 48.0 to fix security issues, bugs, and deliver various improvements. The following major changes are included: - Process separation e10s is enabled for some users - Add-ons that have not been verified and signed by Mozilla will not load - WebRTC enhancements - The...

[SECURITY] Fedora 24 Update: perl-5.22.2-362.fc24

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

[SECURITY] Fedora 23 Update: golang-1.5.4-2.fc23

The Go Programming Language...

[SECURITY] Fedora 24 Update: golang-1.6.3-1.fc24

The Go Programming Language...

DLA-565-1 perl - security update

Bulletin has no description...

Parrot OS 3.1 (Defcon) - Friendly OS designed for Pentesting, Computer Forensic, Hacking, Cloud pentesting, Privacy/Anonimity and Cryptography

Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. Who can use it Parrot is designed for everyone, from the Pro...

[SECURITY] Fedora 24 Update: libarchive-3.2.1-3.fc24

Libarchive is a programming library that can create and read several differ ent streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

Multi Gigabit Packet Capturing: PFQ

PFQ is a functional networking framework designed for the Linux operating system that allows efficient packets capture/transmission 10G and beyond, in-kernel functional processing and packets steering across sockets/end-points. PFQ is highly optimized for multi-core architecture, as well as for...

Foreman API and UI Privilege Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A privilege-lifting vulnerability exists in the Foreman API and UI. When a restricted user from a specif...

DSA-3628-1 perl - security update

Bulletin has no description...

Design/Logic Flaw

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI...

[SECURITY] Fedora 23 Update: perl-5.22.2-353.fc23

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

[SECURITY] Fedora 24 Update: perl-5.22.2-361.fc24

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

CVE-2016-5386

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI...

Drupal Security Bypass Vulnerability

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. Drupal has security bypass vulnerabilities that could be exploited by remote attackers to bypass security restrictions...

[SECURITY] Fedora 22 Update: perl-5.20.3-332.fc22

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

CVE-2016-4529

Schneider Electric SoMachine HVAC programming software for M171/M172 Controllers contains an unsafe ActiveX control (AxEditGrid) with a SetDataIntf dereference vulnerability. The flaw allows remote code execution via an attacker-supplied memory address in the untrusted pointer dereference within ...

CVE-2016-4529

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFEFORUNTRUSTEDCALLER aka safe for scripting flag...