Google said that more than half of pageloads on Chrome across platforms are encrypted; Android as the lone laggard, but trending upward.
Monthly Archives: November 2016
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution
Posted by KoreLogic Disclosures on Nov 04
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution
Title: Sophos Web Appliance Remote Code Execution
Advisory ID: KL-001-2016-009
Publication Date: 2016.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-009.txt
1. Vulnerability Details
Affected Vendor: Sophos
Affected Product: Web Apppliance
Affected Version: v4.2.1.3
Platform: Embedded Linux
CWE Classification: CWE-78:…
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation
Posted by KoreLogic Disclosures on Nov 04
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation
Title: Sophos Web Appliance Privilege Escalation
Advisory ID: KL-001-2016-008
Publication Date: 2016.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-008.txt
1. Vulnerability Details
Affected Vendor: Sophos
Affected Product: Web Apppliance
Affected Version: v4.2.1.3
Platform: Embedded Linux
CWE Classification: CWE-522:…
ghostscript-9.20-5.fc23
This update fixes a rare ocasion where ghostscript would fail when displaying *.ps files. More info can be found [here](http://bugs.ghostscript.com/show_bug.cgi?id=697286).
—-
This is a security update for these CVEs:
* [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi?id=1383940) – *check for sufficient params in .sethalftone5*
* [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) – *.libfile does not honor -dSAFER* [This CVE is now correctly fixed, previous release was accidentally missing the fix.]
Learn Python Online — From Scratch to Penetration Testing
When we started our brand new THN Deals Store last week on the special occasion of company’s 6th Anniversary, we introduced its very first product, Professional Hacking Certification Package, and received great response from our readers.
Thank you!
If you have not yet, you can still get this deal — Computer Hacker Professional Certification Package — at 96% discount.
This Package offers you
I can see your texts: A deep dive into SMS/messaging clients, security, and privacy
ESET’s Michael Aguilar takes a deep dive into SMS/messaging clients, security, and privacy.
The post I can see your texts: A deep dive into SMS/messaging clients, security, and privacy appeared first on WeLiveSecurity.
Avira strikes again! 1st place in AV-Comparatives Performance Test
Avira strikes again! Avira Antivirus Pro occupies the 1st place in the AV-Comparatives Performance Test in October 2016.
The post Avira strikes again! 1st place in AV-Comparatives Performance Test appeared first on Avira Blog.
William Hill website hit with DDoS attack
UK-based bookmaker William Hill has been hit with a DDoS attack, preventing many of its customers from being able to access its main website.
The post William Hill website hit with DDoS attack appeared first on WeLiveSecurity.
tre-0.8.0-18.20140228gitc2f5d13.el7
This update includes the following fixes:
* fix for CVE-2016-8859
* fix for CVE-2015-3796 (see https://github.com/laurikari/tre/issues/37 and https://bugs.chromium.org/p/project-zero/issues/detail?id=428)
tre-0.8.0-18.20140228gitc2f5d13.fc23
This update includes the following fixes:
* fix for CVE-2016-8859
* fix for CVE-2015-3796 (see https://github.com/laurikari/tre/issues/37 and https://bugs.chromium.org/p/project-zero/issues/detail?id=428)
* fix for parallel installation of multilib packages