– Update to 2.4.2
– CVE-2017-2784
Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.4.2-2.1.7-and-1.3.19-released
Security notes: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01
Monthly Archives: March 2017
Scientists Store One Bit of Data on a Single Atom — Future of Data Storage
Imagine a pocket-sized hard drive capable of storing the entire list of 35 Million Songs?
This isn’t yet practical, but IBM has just taken a big step towards improving computing technology: IBM researchers just discovered a way to store data on a single atom.
Data storage is undergoing dramatic evolution, recently researchers successfully stored digital data — an entire operating system, a
CVE-2014-3926
Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the “addr” parameter.
CVE-2017-6807
mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site on the same server to get access to that site.
Spy Satellite Scientist Goes To Prison For Stowing Secrets At Home
Hackers Steal Personal Data Of Thousands Of Hospital Staff
GCHQ Warns Politicians About Russian Hacking Threat
New Cloaking System Makes Connected Cars Undetectable
Ubuntu Security Notice USN-3230-1
Ubuntu Security Notice 3230-1 – It was discovered that Pillow incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Cris Neckar discovered that Pillow incorrectly handled certain malformed images. A remote attacker could use this issue to cause Pillow to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
Ubuntu Security Notice USN-3229-1
Ubuntu Security Notice 3229-1 – It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. Cris Neckar discovered that the Python Imaging Library incorrectly handled certain malformed images. A remote attacker could use this issue to cause the Python Imaging Library to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.