mailing.unix.bugtraq Google Group

[slackware-security] ruby (SSA:2013-136-02)

secur...@slackware.com (Slackware Security Team) — Thu, 16 May 2013 22:44:50 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ruby (SSA:2013-136-02)

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current
to fix a security issue.

Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/ruby-1.9.3_p4 29-i486-1_slack14.0.txz: Upgraded.

CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!

slawomir.j...@gmail.com (Sławomir Jabs) — Fri, 17 May 2013 11:47:27 UT

Everything has a story, everything evolves, adapts to changing circumstances
but does your IT Sec strategy evolve with the development of the digital
world?

Are you wiling to gamble on the security of you systems?

Join the upcoming CONFidence conference and meet both renown speakers and
specialists who deal with the IT security on a daily basis. People like,

[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)

secur...@slackware.com (Slackware Security Team) — Thu, 16 May 2013 19:44:00 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)

New mozilla-thunderbird packages are available for Slackware64 13.37 and
14.0. These were accidentally omitted from the last upload.

Here are the details from the Slackware64 14.0 ChangeLog:

APPLE-SA-2013-05-16-1 iTunes 11.0.3

product-security-nore...@lists.apple.com (Apple Product Security) — Thu, 16 May 2013 17:37:55 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-05-16-1 iTunes 11.0.3

iTunes 11.0.3 is now available and addresses the following:

iTunes
Available for: Mac OS X v10.6.8 or later, Windows 7, Vista,
XP SP2 or later
Impact: An attacker in a privileged network position may manipulate

ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability

security_al...@emc.com (Security Alert) — Thu, 16 May 2013 14:04:57 UT

ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability

security_al...@emc.com (Security Alert) — Thu, 16 May 2013 14:03:24 UT

[slackware-security] mozilla-thunderbird (SSA:2013-135-02)

secur...@slackware.com (Slackware Security Team) — Thu, 16 May 2013 03:05:55 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2013-135-02)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0,
and -current to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+

[slackware-security] mozilla-firefox (SSA:2013-135-01)

secur...@slackware.com (Slackware Security Team) — Thu, 16 May 2013 03:05:37 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2013-135-01)

New mozilla-firefox packages are available for Slackware 13.37, 14.0,
and -current to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+

[SECURITY] [DSA 2669-1] linux security update

da...@debian.org (dann frazier) — Thu, 16 May 2013 02:48:53 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------ ------------------------------ ----------
Debian Security Advisory DSA-2669-1 secur...@debian.org
[link] Dann Frazier
May 15, 2013 [link]

Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability

ps...@cisco.com (Cisco Systems Product Security Incident Response Team) — Wed, 15 May 2013 16:00:08 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability

Advisory ID: cisco-sa-20130515-mse

Revision 1.0

For Public Release 2013 May 15 16:00 UTC (GMT)

+----------------------------- ------------------------------ ----------

Multiple Vulnerabilities in Exponent CMS

advis...@htbridge.com — Wed, 15 May 2013 11:12:28 UT

Advisory ID: HTB23154
Product: Exponent CMS
Vendor: Online Innovative Creations
Vulnerable Version(s): 2.2.0 beta 3 and probably prior
Tested Version: 2.2.0 beta 3
Vendor Notification: April 24, 2013
Vendor Patch: May 3, 2013
Public Disclosure: May 15, 2013
Vulnerability Type: SQL Injection [CWE-89], PHP File Inclusion [CWE-98]

[ MDVSA-2013:165 ] firefox

secur...@mandriva.com — Wed, 15 May 2013 10:19:00 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________ ______________________________ ___________

Mandriva Linux Security Advisory MDVSA-2013:165
[link]
______________________________ ______________________________ ___________

[security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code

security-al...@hp.com — Wed, 15 May 2013 03:35:25 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
[link]
docDisplay?docId=emr_na-c03714 526

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03714526
Version: 3

HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service

[SECURITY] [DSA 2668-1] linux-2.6 security update

da...@debian.org (dann frazier) — Tue, 14 May 2013 19:14:29 UT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------ ------------------------------ ----------
Debian Security Advisory DSA-2668-1 secur...@debian.org
[link] Dann Frazier
May 14, 2013 [link]

File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities

resea...@vulnerability-lab.com (Vulnerability Lab) — Sun, 12 May 2013 21:18:16 UT

======
File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities

Date:
=====
2013-05-04

References:
===========
[link]

VL-ID:
=====
939

Common Vulnerability Scoring System:
============================== ======
5.9

Introduction: