RHSA-2016:0502-1: Moderate: python-django security update

Red Hat Enterprise Linux: An update for python-django is now available for Red Hat Enterprise Linux
OpenStack Platform 5.0 (Icehouse) for RHEL 6.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
References

CVE-2016-2512, CVE-2016-2513

USN-2939-1: LibTIFF vulnerabilities

Ubuntu Security Notice USN-2939-1

23rd March, 2016

tiff vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

LibTIFF could be made to crash or run programs as your login if it opened a
specially crafted file.

Software description

  • tiff
    – Tag Image File Format (TIFF) library

Details

It was discovered that LibTIFF incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a specially
crafted image, a remote attacker could crash the application, leading to a
denial of service, or possibly execute arbitrary code with user privileges.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:
  libtiff5 4.0.3-12.3ubuntu2.1

Ubuntu 14.04 LTS:
  libtiff5 4.0.3-7ubuntu0.4

Ubuntu 12.04 LTS:
  libtiff4 3.9.5-2ubuntu1.9

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-8665, CVE-2015-8683, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2015-8784

USN-2941-1: Quagga vulnerabilities

Ubuntu Security Notice USN-2941-1

24th March, 2016

quagga vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Quagga could be made to crash or run programs if it received specially
crafted network traffic.

Software description

  • quagga
    – BGP/OSPF/RIP routing daemon

Details

Kostya Kortchinsky discovered that Quagga incorrectly handled certain route
data when configured with BGP peers enabled for VPNv4. A remote attacker
could use this issue to cause Quagga to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2016-2342)

It was discovered that Quagga incorrectly handled messages with a large
LSA when used in certain configurations. A remote attacker could use this
issue to cause Quagga to crash, resulting in a denial of service. This
issue only affected Ubuntu 12.04 LTS. (CVE-2013-2236)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:
  quagga 0.99.24.1-2ubuntu0.1

Ubuntu 14.04 LTS:
  quagga 0.99.22.4-3ubuntu1.1

Ubuntu 12.04 LTS:
  quagga 0.99.20.1-0ubuntu0.12.04.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Quagga to make all the
necessary changes.

References

CVE-2013-2236, CVE-2016-2342

What is SMTP STS? How does it improve email security for STARTTLS?

Despite the many messaging apps available, email is still one of the most widely used ways to communicate in this digital age.

But are your Emails secure?

We have been using email services for decades, but the underlying 1980s transport protocol used to send email, Simple Mail Transfer Protocol (SMTP), is ancient and lacks the ability to fully secure your email communication.

However, to

Fake mobile antivirus apps promise rainbows and safety forever

Annoying popups advertising fake antivirus apps appear in mobile browsers.

Those evil popups. We all know them, we all see them every day on our PCs while we are reading news, watching videos, or just generally clicking. As tempting as they might sound, let me assure you that you are not the 1,000,000th visitor and you certainly did not just win a lottery. Also, no magic diet pills for you. Popups are not your friend. Close them, block them, and never trust them.

Ubuntu Security Notice USN-2941-1

Ubuntu Security Notice 2941-1 – Kostya Kortchinsky discovered that Quagga incorrectly handled certain route data when configured with BGP peers enabled for VPNv4. A remote attacker could use this issue to cause Quagga to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Quagga incorrectly handled messages with a large LSA when used in certain configurations. A remote attacker could use this issue to cause Quagga to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.

Red Hat Security Advisory 2016-0506-01

Red Hat Security Advisory 2016-0506-01 – Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: An open-redirect flaw was found in the way Django’s django.utils.http.is_safe_url() function filtered authentication URLs. An attacker able to trick a victim into visiting a crafted URL could use this flaw to redirect that victim to a malicious site.

Red Hat Security Advisory 2016-0503-01

Red Hat Security Advisory 2016-0503-01 – Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: An open-redirect flaw was found in the way Django’s django.utils.http.is_safe_url() function filtered authentication URLs. An attacker able to trick a victim into visiting a crafted URL could use this flaw to redirect that victim to a malicious site.