Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

This is a Linux/portable port of OpenBSD’s excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen’s SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Red Hat Security Advisory 2014-1365-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel’s futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation. The security impact of this issue was discovered by Mateusz Guzik of Red Hat.

Original release date: October 07, 2014

Oracle has released security updates to address bash vulnerabilities found across multiple products.

US-CERT recommends users and administrators review the Oracle Security Article for additional details, and apply updates as necessary.

This product is provided subject to this Notification and this Privacy & Use policy.

Nessus Web UI version 2.3.3 suffers from a persistent cross site scripting vulnerability.

Original release date: October 07, 2014

Google has released security updates to address multiple vulnerabilities in Chrome and Chrome OS, some of which could potentially allow an attacker to take control of the affected system or cause a denial of service condition.

Updates available include:

• Chrome 38.0.2125.101 for Windows, Mac and Linux
• Chrome 38.0.2125.59 for iPhone and iPad
• Chrome OS 38.0.2125.101 for all Chrome OS devices except Chromeboxes

Users and administrators are encouraged to review the Google Chrome blog entries 1, 2 and 3, and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Bugzilla Security Advisory – Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.

CPUMiner versions prior to 2.4.1 suffer from a stack overflow vulnerability.