Microsoft Releases August 2015 Security Bulletin

Original release date: August 11, 2015

Microsoft has released 14 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow remote code execution, elevation of privilege, or information disclosure.

US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-079 through MS15-092 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

DSA-3333 iceweasel – security update

Multiple security issues have been found in Iceweasel, Debian’s version
of the Mozilla Firefox web browser: Multiple memory safety errors,
integer overflows, buffer overflows, use-after-frees and other
implementation errors may lead to the execution of arbitrary code,
bypass of the same-origin policy or denial of service.

DSA-3334 gnutls28 – security update

Kurt Roeckx discovered that decoding a specific certificate with very
long DistinguishedName (DN) entries leads to a double free. A remote
attacker can take advantage of this flaw by creating a specially crafted
certificate that, when processed by an application compiled against
GnuTLS, could cause the application to crash resulting in a denial of
service.

Adobe Releases Security Updates for Flash Player

Original release date: August 11, 2015

Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB15-19 and apply the necessary updates.



Release 1507 of CentOS Linux 7 Rolling ISO Based Media

The CentOS Project is pleased to announce general availability of the
1507 rolling build ISO install based media for CentOS Linux 7.

The rolling builds are a point in time snapshot of a given CentOS
version including all updates on mirror.centos.org.  This includes all
security, bugfix, enhancement and general updates for CentOS Linux,
in this case they include updates up to and including July 28th, 2015.

Machines installed from this media will have all these updates
pre-included and will look no different when compared with machines
installed with older media that have been yum updated to the same point
in time. All rpm/yum repositories remain on mirror.centos.org with no
changes in either layout or content.

The following ISOs are available here:

http://buildlogs.centos.org/rolling/7/isos/x86_64/

File: CentOS-7-x86_64-DVD-1507-01.iso
Sha256sum:
6a5de73d0c226d367d9535df0c6fc8bf5c1a712baf08f4c4ccd899a6f0ff5e64

File: CentOS-7-x86_64-Everything-1507-01.iso
Sha256sum:
6fbc3b7e6fdd26f0a8e5543000ee2ea3fc7f7a08e9f34d30300d7e905d1d60bb

File: CentOS-7-x86_64-LiveCD-1507-01.iso
Sha256sum:
d0fab7c55995f6cc67524ed35deb88df566ec9158094635e7d2fdfedf83973c8

File: CentOS-7-x86_64-LiveGNOME-1507-01.iso
Sha256sum:
9ce946a9c49940b24c10cc73b50ba507a4ad93f3b2367ee58606d7f53e5f3920

File: CentOS-7-x86_64-LiveKDE-1507-01.iso
Sha256sum:
0713355905c62e3fa2c2dd73812ee471563a88402a656111d4778e11fa978a2e

File: CentOS-7-x86_64-Minimal-1507-01.iso
Sha256sum:
afdf4b6fb038f1f68cba34b7786d1d60681190d8cc9d6291bbca348899351e76

Symlinks are provided that will always map to the latest released
builds, as follows ( including their current mapping )
http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-DVD.iso
-> CentOS-7-x86_64-DVD-1507-01.iso
http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-Everything.iso
-> CentOS-7-x86_64-Everything-1507-01.iso
http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-Minimal.iso
-> CentOS-7-x86_64-Minimal-1507-01.iso

These symlinks will be updated to point at the latest tested and
released media and make for a good target in automation that requires
CentOS Linux media.

Note:  We will be releasing these on a monthly basis on or before the 7th of
each month and they will always be based on RPMs released up to and including
the 28th of the previous month.  This release was delayed 4 days because of
the CentOS-6.7 release.

----------
For more information and comments please join us on the centos-devel
mailing list ( http://lists.centos.org/ )

Enjoy!

-- 
Johnny Hughes
The CentOS Project

CESA-2015:1586 Critical CentOS 6 firefox Security Update

CentOS Errata and Security Advisory 2015:1586 Critical

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1586.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
51517ece01268a1f89503a0c5ff73485d43ba38eddaa6c47381f02a77ddfd509  firefox-38.2.0-4.el6.centos.i686.rpm

x86_64:
51517ece01268a1f89503a0c5ff73485d43ba38eddaa6c47381f02a77ddfd509  firefox-38.2.0-4.el6.centos.i686.rpm
4947e88d47467034ceb41ba60c12ce4d79a8dc6c347671ee1abb338475379308  firefox-38.2.0-4.el6.centos.x86_64.rpm

Source:
0ff6b5f481a6a9494d3eec90fe8e7d79f21bf52564a9e0b39db911a3c5ea69c7  firefox-38.2.0-4.el6.centos.src.rpm



Inside The Mind Of Oracle's Mary Ann Davidson

This is a public blog posted by Oracle’s CSO Mary Ann Davidson. It provides a rare glimpse into the corporate mindframe, reminding us all that license agreements are always respected by hostile parties and therefore security researchers should not even consider reverse engineering Oracle’s code base. As has been proven time and again, Oracle’s bulletproof unbreakable security does not need public vetting and they consistently can identify and address all issues without your needless meddling.

Red Hat Security Advisory 2015-1586-01

Red Hat Security Advisory 2015-1586-01 – Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.