Monthly Archives: August 2016

Hackers News

Germany and France declare War on Encryption to Fight Terrorism

Yet another war on Encryption!

France and Germany are asking the European Union for new laws that would require mobile messaging services to decrypt secure communications on demand and make them available to law enforcement agencies.

French and German interior ministers this week said their governments should be able to access content on encrypted services in order to fight terrorism, the

Full Disclosure

SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise

Posted by SEC Consult Vulnerability Lab on Aug 25

SEC Consult Vulnerability Lab Security Advisory < 20160825-0 >
=======================================================================
title: Multiple vulnerabilities
product: Micro Focus GroupWise
vulnerable version: GroupWise 2014 R2 (<=SP1)
GroupWise 2014
(unsupported versions may be affected)
fixed version: GroupWise 2014 R2 Service Pack 1 Hot Patch 1…

Debian

DSA-3652 imagemagick – security update

This updates fixes many vulnerabilities in imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service or the execution of arbitrary code if
malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum,
PDB, DDS, DCM, EXIF, RGF or BMP files are processed.

Debian

DSA-3651 rails – security update

Andrew Carpenter of Critical Juncture discovered a cross-site scripting
vulnerability affecting Action View in rails, a web application
framework written in Ruby. Text declared as HTML safe will not have
quotes escaped when used as attribute values in tag helpers.