Ubuntu Security Notice USN-2758-1

Ubuntu Security Notice 2758-1 – It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that the PHP phar extension incorrectly handled certain filepaths. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

Red Hat Security Advisory 2015-1853-01

Red Hat Security Advisory 2015-1853-01 – In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 2 offering was retired on September 30, 2015, and support is no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 2 after September 30, 2015. In addition, technical support through Red Hat’s Global Support Services will no longer be provided for Red Hat Developer Toolset Version 2 after this date. We encourage customers using Red Hat Enterprise Linux 6 to plan their migration from Red Hat Enterprise Developer Toolset Version 2 to a more recent release of Red Hat Developer Toolset. As a benefit of the Red Hat subscription model, customers can use their active Red Hat Developer Toolset subscriptions to entitle any system on a currently supported version of this product.

HP Security Bulletin HPSBGN03424 1

HP Security Bulletin HPSBGN03424 1 – A potential security vulnerability was been identified in HP Cloud Service Automation version v4.5. The vulnerability could be exploited to allow remote authentication bypass. Note: HP C.A. contains a version of Node.js, that when used in FIPS mode is affected by Alternative Chains Certificate Forgery Vulnerability (CVE-2015-1793). The vulnerability may allow remote attacker to spoof a Certification Authority role and trigger unintended certificate verification. Revision 1 of this advisory.

Avira Secure Browser: Breaking some eggs

Steve Jobs killed Flash on the IPhone. Flash is a way of viewing videos in the internet – and a top 10 way of getting infected with malware. It is old technology. HTML5, CSS and Javascript are replacing it. The internet is changing. But sadly some of the older web pages still use the old technology instead of switching.

The post Avira Secure Browser: Breaking some eggs appeared first on Avira Blog.