MGASA-2014-0144 Updated stunnel package fixes security vulnerability

A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed reinitialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset...

rpi-update tmpfile vulnerability

Raspberry Pi Firmware Updater Vulnerability Application: https://github.com/Hexxeh/rpi-update/ Version Tested: Github source as of 10ad1e975a 10th Feb commit Vulnerability 1: A malicious user can clobber any file due to insecure tmp file handling. Example: Any unprivileged user can create the...