Linux kernel next-20091013
http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=summary
Linux kernel 2.6.32-rc4-git2
http://www.kernel.org/diff/diffview.cgi?file=/pub/linux/kernel//v2.6/snapshots/patch-2.6.32-rc4-git2.bz2
Trend Micro InterScan VirusWall スタンダードエディション 7.0 Windows版 公開とサポート開始のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1311
JVNDB-2009-002087 Sun Solaris の IPv6 ネットワーキングスタックにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002087.html
JVNDB-2009-002086 OpenOffice.org におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002086.html
JVNDB-2009-002085 OpenOffice.org における整数アンダーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002085.html
JVNDB-2009-002084 Mac OS X 用 Java の Java Web Start コマンドランチャーにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002084.html
JVNDB-2009-002083 Sun Java SE の Provider クラスにおける詳細不明な脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002083.html
JVNDB-2009-002082 Sun Java SE の Provider クラスにおける詳細不明な脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002082.html
Kernel release: 2.6.31.4
http://www.linux.org/news/2009/10/12/0002.html
Kernel release: 2.6.27.37
http://www.linux.org/news/2009/10/12/0001.html
+ Solution 263529: Security Vulnerabilities in Solaris Bundled Tomcat May Lead to Unauthorized Access to Data or Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263529-1
+ Solution 269468: Security Vulnerability in Mozilla Thunderbird Related to SSL Certificates May Cause Arbitrary Code Execution
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269468-1
+ Linux kernel 2.6.27.37, 2.6.31.4 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.37
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4
[ANNOUNCE] BSF 3.0 released
http://jakarta.apache.org/bsf/
[ANNOUNCE] Jakarta BSF 3.0 released
http://jakarta.apache.org/bsf/
MySQL Server 5.4.3-beta has been released
http://mysql.com/products/enterprise/
[ntp:announce] NTP 4.2.5p230-RC Released
http://www.ntp.org/downloads.html
[ntp:announce] NTP 4.2.5p231-RC Released
http://www.ntp.org/downloads.html
[ANNOUNCE] Apache Buildr 1.3.5 Released
http://buildr.apache.org/#news
INN 2.5.1 released
https://www.isc.org/node/497
Solution 266908: Security vulnerability in Solaris Pidgin (see pidgin(1)), Versions Prior to 2.5.9 may Lead to Execution of Arbitrary Code or a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266908-1
FreeBSD: April-September, 2009 Status Report
http://www.freebsd.org/news/status/report-2009-04-2009-09.html
Dovecot 2.0 alpha released
http://www.dovecot.org/list/dovecot-news/2009-October/000139.html
Linux kernel 2.6.32-rc4 released
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc4
Which Perl for Win32 PCs with restricted rights?
http://use.perl.org/article.pl?sid=09/10/10/1344242&from=rss
Kernel release: 2.6.32-rc4
http://www.linux.org/news/2009/10/11/0001.html
Kernel release: 2.6.31.4-rc2
http://www.linux.org/news/2009/10/09/0003.html
Kernel release: 2.6.31.4-rc1
http://www.linux.org/news/2009/10/09/0002.html
Kernel release: 2.6.27.37-rc1
http://www.linux.org/news/2009/10/09/0001.html
WebSphere MQ File Transfer Edition V7.0.2 for distributed platforms and z/OS software announcement
http://www-01.ibm.com/support/docview.wss?rs=171&context=SSFKSJ&context=SSEP7X&dc=D600&uid=swg21406409&loc=en_US&cs=UTF-8&lang=en
Document ID: 334286: Veritas Storage Foundation High Availability for Windows 5.1 (SFWHA) and Veritas Cluster Server 5.1 for Windows (VCS) updated System Center Operations Manager 2007 (SCOM) Management Packs (MP)
http://seer.entsupport.symantec.com/docs/334286.htm
Debian : End-of-life announcement for clamav in stable and oldstable
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30592
Debian : New python-django packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30593
Mandriva : xmlsec1
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30596
Computer Associates : Security Notice for CA Anti-Virus Engine
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30584
Debian : New wget packages fix SSL certificate verification weakness
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30581
Debian : New opensaml2 and shibboleth-sp2 packages fix regression
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30594
Independent Researcher : Multiple SQL-Injection Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30585
Justin C. Klein Keane : Wikitools 6.x-1.2 and 5.x-1.3 XSS Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30588
Justin C. Klein Keane : 5.20 and 6.14 Filter Module (Core) XSS Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30589
Justin C. Klein Keane : 5.20 and 6.14 (Core) XSS Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30590
Mandriva : imagemagick
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30577
Mandriva : graphicsmagick
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30578
Mandriva : awstats
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30597
Mandriva : gd
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30598
Mandriva : egroupware
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30599
Mandriva : sympa
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30600
Mandriva : netpbm
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30601
Ubuntu Security Notice : devscripts vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30595
[SECURITY] [DSA 1904-1] New wget packages fix SSL certificate verification weakness
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00067.html
[USN-847-2] devscripts vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00068.html
Docebo Multiple SQL-Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00070.html
[ MDVSA-2009:262 ] netpbm
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00071.html
CA20091008-01: Security Notice for CA Anti-Virus Engine
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00066.html
[ MDVSA-2009:260 ] imagemagick
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00069.html
[ MDVSA-2009:261 ] graphicsmagick
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00064.html
[USN-847-1] Devscripts vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00065.html
マイクロソフトとアドビ、「ゼロデイ攻撃」対処のパッチを公開へ
2009年10月14日にそれぞれ公開、リリース予定のパッチは多数
http://itpro.nikkeibp.co.jp/article/NEWS/20091013/338716/?ST=security
新種ウイルスを捕獲する“人柱型”ハニーポット,フォティーンフォティが発売
http://itpro.nikkeibp.co.jp/article/NEWS/20091009/338667/?ST=security
Some interesting SSL SPAM
http://isc.sans.org/diary.html?storyid=7333
Cyber Security Awareness Month - Day 11 - RPCBind aka Portmapper
http://isc.sans.org/diary.html?storyid=7324
Cyber Security Awareness Month - Day 12 Ports 161/162 Simple Network Management Protocol (SNMP)
http://isc.sans.org/diary.html?storyid=7327
User Notification for Possible Infected Systems
http://isc.sans.org/diary.html?storyid=7315
Cyber Security Awareness Month - Day 10 - The Questionsable Ports
http://isc.sans.org/diary.html?storyid=7318
THAWTE to discontinue free Email Certificate Services and Web of Trust Service
http://isc.sans.org/diary.html?storyid=7306
AT&T Cell Phone Phish
http://isc.sans.org/diary.html?storyid=7309
Unbound NSEC3 Signature Validation Bypass Security Issue
http://secunia.com/advisories/36996/
Quick.Cart Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/36994/
Debian update for python-django
http://secunia.com/advisories/36968/
Django forms Library Regular Expressions Denial of Service Vulnerability
http://secunia.com/advisories/36948/
Debian update for wget
http://secunia.com/advisories/36998/
Reflection for Secure IT Active Template Library Vulnerabilities
http://secunia.com/advisories/36993/
ezRecipe-Zee "cfg[prePath]" Remote File Inclusion Vulnerability
http://secunia.com/advisories/36992/
httpdx "h_handlepeer()" Buffer Overflow Vulnerability
http://secunia.com/advisories/36991/
Ubuntu update for devscripts
http://secunia.com/advisories/36987/
Red Hat update for squirrelmail
http://secunia.com/advisories/36986/
aria2 DHT Routing Table Buffer Overflow Vulnerability
http://secunia.com/advisories/36985/
Ubuntu update for icu
http://secunia.com/advisories/36984/
Adobe Reader/Acrobat Arbitrary Code Execution Vulnerability
http://secunia.com/advisories/36983/
Ubuntu update for pan
http://secunia.com/advisories/36981/
Ubuntu update for mimetex
http://secunia.com/advisories/36980/
CA Anti-Virus Engine RAR Processing Two Vulnerabilities
http://secunia.com/advisories/36976/
vBulletin User Profile Script Insertion Vulnerability
http://secunia.com/advisories/36970/
Fedora update for deltarpm
http://secunia.com/advisories/36963/
Fedora update for aria2
http://secunia.com/advisories/36962/
PBBoard Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36947/
HP Remote Graphics Software (RGS) Sender, Remote Unauthorized Access
http://www.securiteam.com/unixfocus/6S0032KPPQ.html
TrustPort Antivirus and PC Security Privilege Escalation Vulnerability
http://www.securiteam.com/unixfocus/6T0042KPPE.html
FlatPress FP-includes Remote Command Execution Vulnereability
http://www.securiteam.com/unixfocus/6Q0012KPPI.html
Adobe Photoshop Elements Active File Monitor Service Local Elevation Of Privileges
http://www.securiteam.com/unixfocus/6R0022KPPU.html
CA Anti-Virus arclib RAR Processing Flaws Let Remote Users Deny Service and Potentially Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Oct/1022999.html
Adobe Acrobat and Adobe Reader Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Oct/1022998.html
VMware Authorization Service Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Oct/1022997.html
IBM AIX Buffer Overflow in 'rpc.cmsd' Lets Remote Users Obtain Root Privileges
http://securitytracker.com/alerts/2009/Oct/1022996.html
PostgreSQL Bugs Let Remote Authenticated Users Deny Service and Remote Users Obtain Access
http://securitytracker.com/alerts/2009/Oct/1022992.html
HP LaserJet Printers, Color LaserJet Printers, and Digital Senders Input Validation Flaw Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Oct/1022991.html
Unbound NSEC3 Signature Validation Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/2875
httpdx "h_handlepeer()" Function Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2874
Reflection for Secure IT Active Template Library Vulnerabilities
http://www.vupen.com/english/advisories/2009/2873
Django Forms Library "EmailField" or "URLField" Denial of Service Issue
http://www.vupen.com/english/advisories/2009/2871
CA Anti-Virus Engine RAR Heap Corruption and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2009/2852
Adobe Reader and Acrobat Unspecified Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/2851
HP LaserJet Printers Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/2850
Symantec SecurityExpressions Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/2849
Palm Pre WebOS File Disclosure and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/2848
Omni-NFS Enterprise FTP Remote Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/2847
strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/35452
Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35891
Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35888
libmikmod Multiple Sound Channel Media Playback Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33235
libmikmod '.XM' File Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33240
Multiple Vendor OpenSSL 'DSA_verify' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33151
IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671
Wireshark 1.2.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36408
Mono Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/30471
Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36260
Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36596
Apache mod_proxy_ftp Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/36254
Sun VirtualBox VBoxNetAdpCtl Configuration Tool Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36604
kses Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/28599
AWStats 'awstats.pl' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/30730
PHP 5.2.3 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/25498
IBM AIX 'rpc.cmsd' Calendar Daemon Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36615
Sympa 'sympa.pl' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/30727
Symantec Altiris eXpress NS SC Download ActiveX Control Arbitrary File Download Vulnerability
http://www.securityfocus.com/bid/36346
Netpbm 'pamperspective' Utility Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31871
Debian devscripts 'uscan' Input Validation Vulnerability
http://www.securityfocus.com/bid/36227
Docebo Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/36654
Wget NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36205
Attachmate Reflection for Secure IT Active Template Library Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/36652
aria2 'DHTRoutingTableDeserializer::deserialize()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36332
Computer Associates Anti-Virus Engine 'arclib' Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36653
ImageMagick TIFF File Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35111
FreeBSD 'kqueue' NULL Pointer Dereference Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36375
SquirrelMail Form Submissions Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/36196
Zlib Compression Library Decompression Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/14340
Django 'EmailField' and 'URLField' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36655
0 件のコメント:
コメントを投稿