Red Hat Security Advisory 2015-1115-01 – OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. A flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.
Monthly Archives: June 2015
Ubuntu Security Notice USN-2642-1
Ubuntu Security Notice 2642-1 – Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
Ubuntu Security Notice USN-2641-1
Ubuntu Security Notice 2641-1 – Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
Ubuntu Security Notice USN-2644-1
Ubuntu Security Notice 2644-1 – Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
eBay Security Assessment
Posted by cosmin0maier on Jun 15
Web Application Security Report
m.ebay.com Multiple Vulnerabilities
[1]: Cross-site Scripting – Stored XSS
The iOS, Android application and m.ebay.com website have a section called “Followed Search”. These followed searches, by default, are pre-defined links to sections of eBay. It is possible for a user to edit the list of followed searches and to add their own
[2]: HTML Injection
Full report available:…
CESA-2015:1115 Moderate CentOS 6 openssl Security Update
CentOS Errata and Security Advisory 2015:1115 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1115.html The following updated files have been uploaded and are currently syncing to the mirrors.
CESA-2015:1090 Important CentOS 7 wpa_supplicant Security Update
CentOS Errata and Security Advisory 2015:1090 Important
Upstream details at: https://rhn.redhat.com/errata/RHSA-2015-1090.html
The following updated files have been uploaded and are currently syncing to the mirrors (sha256sum, filename):
x86_64:
edea97f19476420c56e44b92370361ef1f1274ef6a82817cba4bb2e3f09df69c wpa_supplicant-2.0-17.el7_1.x86_64.rpm
Source:
e020d70ba91f5283914c752914e064481efb07cbc11abf1b9024f60b945b8169 wpa_supplicant-2.0-17.el7_1.src.rpm
CESA-2015:1115 Moderate CentOS 7 openssl Security Update
CentOS Errata and Security Advisory 2015:1115 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1115.html The following updated files have been uploaded and are currently syncing to the mirrors.
CESA-2015:1083 Important CentOS 7 abrt Security Update
CentOS Errata and Security Advisory 2015:1083 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1083.html The following updated files have been uploaded and are currently syncing to the mirrors.
Women Gamers Celebrated and Encouraged
Games are playing an increasingly large role in the tech industry. An estimated 59% of Americans play computer games according to the Entertainment Software Association — and we’re talking about an industry creating tens of billions in revenue, with some estimates reaching $100 billion overall.
Interesting fact: Did you know that recent studies show that almost half (48%) of the users of games are women? Or that women over the age of 18 also represent a significantly greater portion of the game-playing population (36 percent) than boys age 18 or younger (17 percent)?
This is particularly noteworthy, because this is a sector where women have appeared to be relatively absent – at least in terms of women characters being represented. Lara Croft’s character in Tomb Raider is one exception. The lack of female protagonists stirred controversy at last June’s Electronic Entertainment Expo (E3), the big industry gathering.
While the “dudebros” perception is that only guys make and play video games, this is clearly not the case in games. And game developers, like all companies, would be wise to really take a look at their consumer base and act accordingly.
Women also have made some of the most influential and important games, going back to the early days of Atari.
This is in evidence at the Oakland, CA Museum of Art and Digital Development (MADE), where they are trying to help change perceptions of reality by increasing awareness regarding women’s contribution to games. An interactive exhibit at the Museum is celebrating six important and pioneering women in games development and displaying work from their careers.
I’m sure some of these honorees will be more than familiar to gamers out there:
- Roberta Williams, who co-founded Sierra Entertainment and pioneered graphic adventure games like King’s Quest 1
- Carol Shaw, an early Atari and Activision designer, whose credits include River Raid
- Rieko Kodama, a Sega designer, credited with the high-profile Phantasy Star series
- Yoko Shimomura, a video game music composer, whose work includes Street Fighter II
- Danielle Bunten Berry, who is famous for Seven Cities of Gold
- Amy Hennig, a video game director whose work includes the Legacy of Kain series
MADE’s appreciation of women in games comes at a perfect time, when there is positive change occurring:
The number of women in game development has nearly doubled since 2009, according to a report from the International Game Developers Association (IGDA). (Women now make up 22% of the workforce in game development.) The IGDA, with the support of Intel, announced earlier this year that it is working to double the number again and bring more women and other diverse talent to the tech and games industries. In Europe, Women in Games Jobs (WIGJ) also announced that it plans to help double the number of women working in the industry in the UK and Europe over the next ten years.
In another sign of the times, Ubisoft’s Assassin’s Creed will reportedly get a female protagonist, and EA Sports has just announced it will include 12 female teams in “FIFA 16”.
Meanwhile, another symbol of the change occurred last weekend across the San Francisco Bay from the MADE exhibit, where another inspiring event was taking place to promote girls’ interest in games. The brand-new San Francisco chapter of the national nonprofit ChickTech held a pop-up educational event, with as many as twenty young women from local high schools participating in a session on game programming around the Unity 5 game development tool.
ChickTech: High School is an arm of the ChickTech nonprofit that revolves around creating events that will get high schoolers interested and excited about technology. ChickTech’s mission is to reach the girls who would make great engineers, but because of stereotypes and a lack of opportunity, may not realize it until they are already doing something else.
It definitely will be interesting to watch what happens at this year’s E3 Expo 2015 taking place June 16-19 in LA and whether we will see women in games continue to make strides!