Debianhelp.co.uk
Debian Security   [more] [xml]
 2014-10-23 DSA-3055 pidgin - security update

Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client:

 2014-10-20 DSA-3054 mysql-5.5 - security update

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.40. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:

 2014-10-16 DSA-3053 openssl - security update

Several vulnerabilities have been found in OpenSSL, the Secure Sockets Layer library and toolkit.

 2014-10-15 DSA-3052 wpa - security update

Jouni Malinen discovered an input sanitization issue in the wpa_cli and hostapd_cli tools included in the wpa package. A remote wifi system within range could provide a crafted string triggering arbitrary code execution running with privileges of the affected wpa_cli or hostapd_cli process.

 2014-10-15 DSA-3051 drupal7 - security update

Stefan Horst discovered a vulnerability in the Drupal database abstraction API, which may result in SQL injection.

 2014-10-15 DSA-3050 iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, the bypass of the same-origin policy or a loss of privacy.

 2014-10-14 DSA-3049 wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for RTP, MEGACO, Netflow, RTSP, SES and Sniffer, which could result in denial of service.

 2014-10-08 DSA-3048 apt - security update

Guillem Jover discovered that the changelog retrieval functionality in apt-get used temporary files in an insecure way, allowing a local user to cause arbitrary files to be overwritten.

 2014-10-08 DSA-3047 rsyslog - security update

Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss, denial of service and, potentially, remote code execution.

 2014-10-05 DSA-3046 mediawiki - security update

It was reported that MediaWiki, a website engine for collaborative work, allowed to load user-created CSS on pages where user-created JavaScript is not allowed. A wiki user could be tricked into performing actions by manipulating the interface from CSS, or JavaScript code being executed from CSS, on security-wise sensitive pages like Special:Preferences and Special:UserLogin. This update removes the separation of CSS and JavaScript module allowance.

 2014-10-04 DSA-3045 qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator:

 2014-10-04 DSA-3044 qemu-kvm - security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware:

 2014-10-04 DSA-3042 exuberant-ctags - security update

Stefano Zacchiroli discovered a vulnerability in exuberant-ctags, a tool to build tag file indexes of source code definitions: Certain JavaScript files cause ctags to enter an infinite loop until it runs out of disk space, resulting in denial of service.

 2014-10-01 DSA-3041 xen - security update

Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation.

 2014-09-30 DSA-3040 rsyslog - security update

Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.

 2014-09-28 DSA-3039 chromium-browser - security update

Several vulnerabilities were discovered in the chromium web browser.

 2014-09-27 DSA-3038 libvirt - security update

Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library. The Common Vulnerabilities and Exposures project identifies the following problems:

 2014-09-26 DSA-3037 icedove - security update

Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library, embedded in Wheezy's Icedove), was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack.

 2014-09-26 DSA-3036 mediawiki - security update

It was discovered that MediaWiki, a wiki engine, did not sufficiently filter CSS in uploaded SVG files, allowing for cross site scripting.

 2014-09-25 DSA-3035 bash - security update

Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment (CVE-2014-7169). With this update prefix and suffix for environment variable names which contain shell functions are added as hardening measure.

 2014-09-25 DSA-3034 iceweasel - security update

Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library, embedded in Wheezy's Iceweasel package), was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack.

 2014-09-25 DSA-3033 nss - security update

Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library) was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack.

 2014-09-24 DSA-3032 bash - security update

Stephane Chazelas discovered a vulnerability in bash, the GNU Bourne-Again Shell, related to how environment variables are processed. In many common configurations, this vulnerability is exploitable over the network, especially if bash has been configured as the system shell.


Debian Wiki   [more] [xml]
 2014-10-25T03:07:53Z minidlna
New page:
 2014-10-25T03:06:08Z Multimedia
 2014-10-25T00:51:41Z Derivatives/Census/Ubuntu

Linuxtoday.com   [more] [xml]
 Fri, 24 Oct 2014 15:00:00 -0700 Charting new licensing territories with the Open Definition standard

 OpenSource.com: Open Knowledge and the Open Definition Advisory Council have announced the release of version 2.0 of the Open Definition.

 Fri, 24 Oct 2014 14:00:00 -0700 Ziggurat, A Dungeon Crawling FPS Is Now Out Of Early Access & On Linux

 GamingOnLinux: Dungeon-Crawling First Person Shooting at its finest!

 Fri, 24 Oct 2014 13:00:00 -0700 Discover the Power of Konqueror

MakeTechEasier: If you’re a KDE user, you’ve probably heard of Konqueror.


OSNews   [more] [xml]
 Sat, 25 Oct 2014 02:05:18 GMT LG G Watch R review
Moto 360, a futuristic watch scooped up its share of praise before it'd even landed on store shelves. The now there's also the LG G Watch R, a device which tackles the smartwatch problem from a slightly different angle. Read the review here.
 Fri, 24 Oct 2014 07:41:23 GMT Ubuntu 14.10 Released With Ambitious Name, But Small Changes
Slashdot reports that Ubuntu 14.10, dubbed Utopic Unicorn, has been released today. PC World says that at first glance "isn't the most exciting update," with not so much as a new default wallpaper -- but happily so: it's a stable update in a stable series, and most users will have no pressing need to update to the newest version.
 Thu, 23 Oct 2014 03:59:52 GMT Apple iPad Air 2 review : Apple's best tablet yet, but is that enough?
The new iPad is thinner, lighter and faster, but its biggest draw is yesterday’s features: Touch ID and a better camera, says The Guardian. Also reviews at The Verge, and Engadget.

DistroWatch.com: News   [more] [xml]
 2014-10-25T00:49:27+00:00 Development Release: Trisquel GNU/Linux 7.0 RC
Rubén Rodríguez Pérez has announced the availability of the release candidate for the upcoming Trisquel GNU/Linux 7.0, a new version of the project's Ubuntu-based distribution built strictly from free software components only: "Trisquel 7.0 RC ISO images ready. Included are images for Trisquel, Trisquel 'Mini', and Trisquel 'Sugar'....
 2014-10-24T16:47:38+00:00 Development Release: FreeBSD 10.1-RC3
Glen Barber has announced the availability of the third and final release candidate for FreeBSD 10.1: "The third RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures. Some of the changes between....
 2014-10-24T12:08:31+00:00 Distribution Release: Ubuntu Kylin 14.10
Ubuntu Kylin is a special edition of Ubuntu tailored to Chinese speakers in mainland China. As has been the tradition over the past couple of years, a new version of Ubuntu Kylin has been released at the same time as Ubuntu 14.10: "We are glad to announce the....

powered by zFeeder

 

 

 

 

Translate to Spanish