Today, Kaspersky Lab, a longtime member of Dell EMC’s Technology Partner Program, has completed certification of Kaspersky Security for Storage with Dell EMC FluidFS v6.
The malware business: Today’s top get-rich-quick scheme, funded by YOU
Have you ever been tempted by one of those ads promising “You can earn $20,000 a month by working from home just 4 hours a day!”? Most of us probably have, even for a moment.
Adium vulnerable to remote code execution via libpurple
Posted by erythronium23 on Mar 21
Adium is a popular instant messaging client for MacOS (OSX) that
incorporates libpurple. The current release (1.5.10.2) is vulnerable
to CVE-2017-2640 in libpurple, which permits execution of arbitrary
code on the client.
The Adium team has been aware of the vulnerability since at least
March 15, but has not released an advisory to its users, for reasons
unknown.
A post to the official developer’s mailing list, which included
vulnerability…
Bugtraq: CVE-2017-7183 ExtraPuTTY v029_RC2 TFTP Denial Of Service
CVE-2017-7183 ExtraPuTTY v029_RC2 TFTP Denial Of Service
Bugtraq: [security bulletin] HPSBUX03596 rev.2 – HPE HP-UX running CIFS Server (Samba), Remote Access Restriction Bypass, Unauthorized Access
[security bulletin] HPSBUX03596 rev.2 – HPE HP-UX running CIFS Server (Samba), Remote Access Restriction Bypass, Unauthorized Access
Bugtraq: [SECURITY] [DSA 3796-2] sitesummary regression update
[SECURITY] [DSA 3796-2] sitesummary regression update
Bugtraq: ESA-2017-010: EMC RecoverPoint SSL Stripping Vulnerability
ESA-2017-010: EMC RecoverPoint SSL Stripping Vulnerability
RHBA-2017:0562-1: java-1.7.1-ibm bug fix update
Red Hat Enterprise Linux: Updated java-1.7.1-ibm packages that fix one bug are now available for the
Supplementary channel of Red Hat Enterprise Linux 6.
RHBA-2017:0561-1: virtio-win bug fix and enhancement update
Red Hat Enterprise Linux: An updated virtio-win package that fixes one bug and adds various enhancements
is now available from the Supplementary channel of Red Hat Enterprise Linux 6.
USN-3237-1: FreeType vulnerability
Ubuntu Security Notice USN-3237-1
20th March, 2017
freetype vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
FreeType could be made to crash or run programs if it opened a specially
crafted font file.
Software description
- freetype
– FreeType 2 is a font engine library
Details
It was discovered that FreeType did not correctly handle certain malformed
font files. If a user were tricked into using a specially crafted font
file, a remote attacker could cause FreeType to crash, resulting in a
denial of service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.10:
-
libfreetype6
2.6.3-3ubuntu1.1
- Ubuntu 16.04 LTS:
-
libfreetype6
2.6.1-0.1ubuntu2.1
- Ubuntu 14.04 LTS:
-
libfreetype6
2.5.2-1ubuntu2.6
- Ubuntu 12.04 LTS:
-
libfreetype6
2.4.8-1ubuntu2.4
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart your session to make
all the necessary changes.