A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 14.10
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS
Summary
Applications using libyaml-libyaml-perl could be made to crash if
they received specially crafted input.
Software description
libyaml-libyaml-perl
– Perl interface to libyaml, a YAML implementation
Details
Stanisław Pitucha and Jonathan Gray discovered that libyaml-libyaml-perl did not properly handle wrapped strings. An attacker could create specially crafted YAML data to trigger an assert, causing a denial of service.
Update instructions
The problem can be corrected by updating your system to the following
package version:
Technical Details:
“Internet Explorer XSS Filter Bypass Vulnerability” is done by…
1. Inject “a href” link into target page.
(Not script, allowed by filter)
2. User clicks this injected link.
(Clickjacking etc)
3. URL of this…
Yes, you should. For those out there who don’t routinely find
vulnerabilities, it is hard for them to understand that these issues
aren’t hard to find if you know what you’re looking for. Quite a few
bugs I’ve found in the past have been found by others independently
and published before I got around to it. It happens a LOT more than
people think.
Also, I think companies that sell security software should be…