Original release date: October 07, 2014
Oracle has released security updates to address bash vulnerabilities found across multiple products.
US-CERT recommends users and administrators review the Oracle Security Article for additional details, and apply updates as necessary.
This product is provided subject to this Notification and this Privacy & Use policy.
Nessus Web UI version 2.3.3 suffers from a persistent cross site scripting vulnerability.
Original release date: October 07, 2014
Google has released security updates to address multiple vulnerabilities in Chrome and Chrome OS, some of which could potentially allow an attacker to take control of the affected system or cause a denial of service condition.
Updates available include:
Users and administrators are encouraged to review the Google Chrome blog entries 1, 2 and 3, and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Bugzilla Security Advisory – Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.
CPUMiner versions prior to 2.4.1 suffer from a stack overflow vulnerability.
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.
New reflected distributed denial of service attack techniques are increasing the volume of each attack as well as the overall frequency of large-scale DDoS attacks.
Twitter has filed a lawsuit in federal court asking that the United States Department of Justice’s prohibitions on publishing the number and kind of government requests for data the company receives be declared unconstitutional. The suit claims that the rules infringe on Twitter’s right to free speech by requiring that the company “engage in speech […]
CentOS Errata and Bugfix Advisory 2014:1363 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1363.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 9dd4644ca7404cf3dddad613977b02ee4bca3f003dffda38bd97573b496effd3 at-3.1.13-17.el7_0.1.x86_64.rpm 711dac18746220c0ba7c8636587734a8686e4ff1703219ef0e82df01fadf4ac2 at-sysvinit-3.1.13-17.el7_0.1.x86_64.rpm Source: c25678308970744e2bd12c5429ae263d2ee6af1b3ea158f6a3d9c65e74cb2d92 at-3.1.13-17.el7_0.1.src.rpm
CentOS Errata and Bugfix Advisory 2014:1362 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1362.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 69ae958a1041c898d7f3ae4127f214ec542db0449626d420b911df9f30193e4f at-3.1.10-44.el6_5.2.i686.rpm x86_64: 7a409d370df858e752e940f8ce430717322e9e10f9d5e11afdd88b597b0f58bd at-3.1.10-44.el6_5.2.x86_64.rpm Source: fa069ec81e4a29c45e19b0f3398b2e65632e90c138da3cf7d313a3b0102f5476 at-3.1.10-44.el6_5.2.src.rpm