HP Security Bulletin HPSBGN03633 1 – Potential vulnerabilities have been identified in HPE Release Control. The vulnerabilities could be exploited remotely to allow denial of service (DoS), disclosure of information, unauthorized access to files or server-side request forgery (SSRF). Revision 1 of this advisory.
Monthly Archives: August 2016
WorldCIST 17 Call For Papers
The Information Systems and Technologies research and industrial community is invited to submit proposals of Workshops for WorldCist’17. It will be held on Porto Santo Island, Madeira, Portugal, from April 11th through the 13th, 2017.
zFTP 20061220+dfsg3-4.1 Buffer Overflow
zFTP client version 20061220+dfsg3-4.1 suffers from a local buffer overflow vulnerability.
Debian Security Advisory 3638-1
Debian Linux Security Advisory 3638-1 – Several vulnerabilities were discovered in cURL, a URL transfer library.
Debian Security Advisory 3639-1
Debian Linux Security Advisory 3639-1 – Several vulnerabilities were discovered in wordpress, a web blogging tool, which could allow remote attackers to compromise a site via cross-site scripting, bypass restrictions, obtain sensitive revision-history information, or mount a denial of service.
Atutor 2.2.1 Path Traversal
Atutor version 2.2.1 suffers from a path traversal vulnerability.
Red Hat Security Advisory 2016-1551-01
Red Hat Security Advisory 2016-1551-01 – Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.3.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
Red Hat Security Advisory 2016-1552-01
Red Hat Security Advisory 2016-1552-01 – The Network Time Protocol is used to synchronize a computer’s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: It was found that when NTP was configured in broadcast mode, a remote attacker could broadcast packets with bad authentication to all clients. The clients, upon receiving the malformed packets, would break the association with the broadcast server, causing them to become out of sync over a longer period of time.