Red Hat Enterprise Linux: Updated tzdata packages that add various enhancements are now available for Red
Hat Enterprise Linux 4, 5, 6, and 7.
Monthly Archives: April 2015
Consumers Don't Get the Value of Passwords to Hackers – News Factor Network
New Tool Fights Powerful Malware That Holds Your Data Hostage – The Huffington Post
Kaspersky Releases A CoinVault Ransomware Remover – Tech Crunch
Elite Cyber Crime Group Strikes Back After Attack by Rival APT Gang – Ars Technica
Android Security Apps Continue to Improve in Latest AV-Test Report – PC Magazine
Microsoft, Kaspersky Take Down Fast-Spreading Simda Botnet – eWeek
CVE-2015-0845
Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates.
CVE-2015-1318
The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).
CVE-2015-1852
The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the “insecure” option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.