CVE-2011-1015

The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI. (CVSS:5.0) (Last Update:2013-05-14)

CVE-2011-1523

Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. (CVSS:4.3) (Last Update:2011-09-21)

CVE-2011-1487

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. (CVSS:5.0) (Last Update:2014-02-20)

Hot Issues & Hot Fixes (Updated April 6, 2011)

Hot Issues – problems with the product that we are currently researching and working to resolve, or additional information regarding current situations. If you have additional information about issues, please post it to the existing thread on the subject. Please do not create a new thread for the same subject; this will create confusion about the issue.

 

– My computer stops responding after I install the latest updates for my Norton 2011 product (More Information)

– Some users may experience WS.Reputation.1 detections (More Information)

– Programs compiled with certain compilers may be falsely detected by SONAR (More Information)


 

Hot Fixes – tools we’ve created to resolve Hot Issues that were previously reported on the forums. You will see them listed below with a link to the Symantec Knowledge Base article containing the Hot Fix. If you continue to experience the problem after using the Hot Fix, please open a new thread on the subject.

 

Norton Internet Security 2011 / Norton 360 5.0 toolbar does not load on Firefox 4:

– NIS 2011 (hotfix available)

– N360 v5 (hotfix available)


 

Fixes

 

The following fixes are included in the Norton Internet Security / Norton AntiVirus 18.5 (2011.5) release (available in the Norton Update Center):

 

– Fixed an issue where Norton Insight might falsely report 0% trusted when Performance Monitoring was disabled. (Discussed Here)

– Fixed an issue where the Activity Map might not update when Smart Definitions are enabled. (Discussed Here)

– Improved instances where the Norton AntiSpam Toolbar might be erroneously disabled (or “grayed out”) in Microsoft Outlook 2007 and Microsoft Outlook 2010. (Discussed Here)

– Corrected an issue where “Custom UI Runtime Error in Norton AntiSpam Outlook Plugin” might display when using Microsoft Outlook. (Discussed Here)

– Fixed an issue where the option to “run” an executable was missing from a File Insight/Download Insight window. (Discussed Here)

– Corrected an issue where Idle Full System Scans would report inconsistent amounts of Scanned Files. (Discussed Here)

– Fixed an issue where Full System Scans would not run continuously, including when the machine is left idle.

– Fixed an issue where the Norton Product may display “Subscription Expired” after updating from a previous version.

– Fixed Internet Explorer crashes that were due to Intrusion Prevention. 

– Performance Enhancements were made on the Norton Toolbar for Internet Explorer 9 Beta. 

– Enhanced Settings migration when updating from an older version.

– Usability and Performance improvements to the support experience. 

– Added better Norton AntiSpam support for Microsoft Outlook configured with multiple accounts. 

– Corrected a few instances of 8504 errors that may appear when the Norton product is launched. 

– Fixed a Registry Leak issue that may occur during shutdown. (Discussed Here)

[ANNOUNCE] Apache HTTP Server 2.3.11-Beta Released

                Apache HTTP Server 2.3.11-beta Released

   The Apache Software Foundation and the Apache HTTP Server Project are
   pleased to announce the release of version 2.3.11-beta of the Apache HTTP
   Server ("Apache").  This version of Apache is our initial Beta release
   of Apache httpd 2.4 to test new technology and features that are incompatible
   or too large for the stable 2.2.x branch. This Beta release should not be
   presumed to be compatible with binaries built against any prior or future
   version, although, as a Beta, the API is in a semi-frozen state.

   Apache HTTP Server 2.3.11-beta is available for download from:

     http://httpd.apache.org/download.cgi

   Apache 2.3 offers numerous enhancements, improvements, and performance
   boosts over the 2.2 codebase.  For an overview of new features
   introduced since 2.3 please see:

     http://httpd.apache.org/docs/trunk/new_features_2_4.html

   Please see the CHANGES_2.3 file, linked from the download page, for a
   full list of changes.

   This release includes the Apache Portable Runtime (APR) version 1.4.2
   and APR-Util version 1.3.10 in a separate -deps tarball.  The APR libraries
   must be upgraded for all features of httpd to operate correctly.

   This release builds on and extends the Apache 2.2 API.  Modules written
   for Apache 2.2 will need to be recompiled in order to run with Apache
   2.3, and require minimal or no source code changes.

     http://svn.apache.org/repos/asf/httpd/httpd/trunk/VERSIONING

