[SECURITY] Fedora 22 Update: owncloud-8.0.10-1.fc22

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

java-1.8.0-openjdk security update

1:1.8.0.71-1.b15 - Add patch to turn off strict overflow on IndicRearrangementProcessor,2.cpp - Resolves: rhbz1295751 1:1.8.0.71-0.b15 - January 2016 security update to u71b15. - Improve verbosity and helpfulness of tarball generation script. - Update patch documentation using version originally...

java-1.8.0-openjdk security update

1:1.8.0.71-2.b15 - Add md5sum for previous java.security file so it gets updated. - Resolves: rhbz1295753 1:1.8.0.71-1.b15 - Restore upstream version of system LCMS patch removed by 'sync with Fedora' - Add patch to turn off strict overflow on IndicRearrangementProcessor,2.cpp - Resolves:...

CVE-2015-8611

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management AOM subsystem, which might allow remote attackers to obtain login access to AOM via an 1 expir...

CVE-2015-8611

The CVE-2015-8611 issue affects BIG-IP components (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM) on the 2000/4000/5000/7000/10000 platforms running 12.0.0 before HF1. The root cause is failure to sync passwords from the BIG-IP AOM (Always-On-Management) subsystem, which could all...

F5 Networks BIG-IP : BIG-IP AOM password sync vulnerability (SOL05272632)

BIG-IP systems on the 2000, 4000, 5000, 7000, and 10000 platforms may fail to sync passwords to the Always-On-Management AOM. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL05272632. The text description o...

F5 BIG-IP - BIG-IP AOM password sync vulnerability CVE-2015-8611

The remote host is missing a security patch. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...

grub2 security, bug fix, and enhancement update

2.02-0.29.0.1 - Fix comparison in patch for 18504756 - Remove symlink to grub environment file during uninstall on EFI platforms bug 19231481 - update Oracle Linux certificates Alexey Petrenko - Put 'with' in menuentry instead of 'using' bug 18504756 - Use different titles for UEK and RHCK kernel...

Adobe Premiere Clip v1.1.1 iOS - Persistent Vulnerability

Document Title: =============== Adobe Premiere Clip v1.1.1 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1478 PSIRT ID: 3721 Video: http://www.vulnerability-lab.com/getcontent.php?id=1479 Bulletin:...

[SECURITY] Fedora 21 Update: owncloud-8.0.9-1.fc21

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

[SECURITY] Fedora 23 Update: owncloud-8.0.9-1.fc23

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

nss, nss-util, and nspr security update

nspr 4.10.8-2 - Resolves: Bug 1269360 - CVE-2015-7183 - nspr: heap-buffer overflow in PLARENAALLOCATE can lead to crash under ASAN, potential memory corruption nss 3.19.1-5.0.1 - Added nss-vendor.patch to change vendor 3.19.1-5 - Rebuild against updated NSPR 3.19.1-4 - Sync up with the rhel-6.6...

CVE-2015-7829

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete...

Sql injection

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete...

CVE-2015-7829

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete...

NTP: Multiple vulnerablities

Background NTP contains software for the Network Time Protocol. Description Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or...

CVE-2013-2056

The Inter-Satellite Sync ISS operation in Red Hat Network RHN Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call...

BitTorrent Fixes Reflective DDoS Attack Security Flaw

Two weeks ago, we reported how a serious flaw in the popular peer-to-peer BitTorrent file sharing protocols could be exploited to carry out a devastating distributed denial of service DDoS attack, allowing lone hackers with limited resources to take down large websites. Good news is that the...

Popular Download Service μTorrent wants you to pay for its Software

Just to enhance the services being rendered. The popular peer-to-peer file sharing software application is aiming to achieve new heights by making their software be a paid scheme. uTorrent is one of the clients of BitTorrent Inc. the parent company which implements a BitTorrent protocol. Where ea...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 srctrack, 2 usemfstmpsize, or 3 usemfsvarsize parameter to systemadvancedmisc.php; the 4 port, 5 snaplen, or 6 count parameter to diagpacketcapture.php...