+ Postfix stable release 2.8.6, 2.7.7, 2.6.13, 2.5.16
http://www.postfix.org/announcements/postfix-2.8.6.html
http://mirror.postfix.jp/postfix-release/official/postfix-2.8.6.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.7.7.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.13.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.5.16.HISTORY
UPDATE: Security updates available for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb11-24.html
CESA-2011:1386 (kernel)
http://lwn.net/Alerts/464073/
CESA-2011:1392 (httpd)
http://lwn.net/Alerts/464072/
Thunderbird Beta Channel: latest update available
http://www.mozilla.org/thunderbird/all-beta.html
http://www.mozilla.org/thunderbird/8.0beta/releasenotes/
phpMyAdmin 3.4.7 is released
http://sourceforge.net/news/?group_id=23067&id=304138
SA46491: Gentoo update for clamav
http://secunia.com/advisories/46491/
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1985) Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/49968
+ MySQL Community Server 5.5.17 has been released
http://dev.mysql.com/tech-resources/interviews/thomas-ulin-mysql-55.html
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html
+ Linux kernel 3.0.5, 3.0.6, 3.0.7 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.5
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.6
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.7
+ Sudo 1.7.8, 1.8.3 released
http://www.sudo.ws/sudo/news.html
http://www.sudo.ws/sudo/stable.html#1.7.8
http://www.sudo.ws/sudo/stable.html#1.8.3
+ Linux Kernel 'ext4_ext_insert_extent()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50322
++ [CPUOct2011] Oracle Critical Patch Update Advisory - October 2011
http://www.oracle.com/technetwork/jp/topics/ojkb155517-518195-ja.html
[ANNOUNCE] Apache OpenWebBeans 1.1.2 release
http://www.apache.org/dyn/closer.cgi/openwebbeans/1.1.2/
Apache Subversion 1.7.1 Released
http://subversion.apache.org/download/#recommended-release
HPSBMP02713 SSRT100651 rev.2 - Replaced by Document ID c03058866 - HPSBMU02716 SSRT100651
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03054543%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
HPSBMU02716 SSRT100651 rev.1 - HP Data Protector Notebook Extension, Remote Execution of Arbitrary Code
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03058866%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
HPSBOV02497 SSRT090245 rev.4 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c01961959%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
HPSBPI02711 SSRT100647 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Information Disclosure
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03052686%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
FreeBSD 9.0-RC1 released
http://www.freebsd.org/news/newsflash.html#event20111023:01
Temporary suspension of chat support (November 5, 2011)
http://www.trendmicro.co.jp/support/news.asp?id=1668
Penta Security adds a virtual appliance edition to its WAF
http://itpro.nikkeibp.co.jp/article/NEWS/20111021/371202/?ST=security
TeamSHATTER Security Advisory: SQL Injection Vulnerability in Oracle DROP INDEX for spatial datatype
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00135.html
TeamSHATTER Security Advisory: Database Vault Account Management Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00134.html
TeamSHATTER Security Advisory: Buffer Overflow in Oracle Database (CTXSYS.DRVDISP.TABLEFUNC_ASOWN fu
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00133.html
[ MDVSA-2011:158 ] phpmyadmin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00132.html
VUPEN Security Research - Microsoft Internet Explorer "X-UA-COMPATIBLE" Use-after
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00130.html
[ MDVSA-2011:157 ] freetype2
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00129.html
inCommand Technologies, Inc. Cross-site Scripting Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00131.html
Metasploit 4.1.0 Web UI stored XSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00128.html
tcpdump and IPv6
http://isc.sans.edu/diary.html?storyid=11872
Oracle Java SE Critical Patch Update
http://isc.sans.edu/diary.html?storyid=11869
Red Hat update for kernel
http://secunia.com/advisories/46543/
Elgg pg/search SQL Injection Vulnerability
http://secunia.com/advisories/46514/
Google Chrome NSS Insecure Library Loading Vulnerability
http://secunia.com/advisories/46471/
GNOME Empathy Nickname Script Insertion Vulnerability
http://secunia.com/advisories/46510/
Network Security Services Insecure Library Loading Vulnerability
http://secunia.com/advisories/46557/
Red Hat update for httpd
http://secunia.com/advisories/46456/
Red Hat update for httpd
http://secunia.com/advisories/46542/
WHMCompleteSolution "templatefile" Local File Inclusion Vulnerability
http://secunia.com/advisories/46312/
Ubuntu update for linux
http://secunia.com/advisories/46539/
Ubuntu update for open-iscsi
http://secunia.com/advisories/46535/
Pre Studio Business Cards Designer "id" SQL Injection Vulnerability
http://secunia.com/advisories/46545/
Joomla! Multiple NoNumber Extensions Local File Inclusion and PHP Code Execution
http://secunia.com/advisories/46459/
SUSE update for ldns
http://secunia.com/advisories/46470/
Debian update for wireshark
http://secunia.com/advisories/46482/
Schneider Electric Products UnitelWay Device Driver Privilege Escalation Vulnerability
http://secunia.com/advisories/46534/
Check Point Products ByteRange Filter Denial of Service Vulnerability
http://secunia.com/advisories/46474/
Ubuntu update for acpid
http://secunia.com/advisories/46540/
Medium severity flaw in QNX Neutrino RTOS
http://securityreason.com/securityalert/8475
MS11-064 TCP/IP Stack Denial of Service
http://securityreason.com/securityalert/8474
MS11-077 .fon Kernel-Mode Buffer Overrun PoC
http://securityreason.com/securityalert/8473
Mozilla Firefox Array.reduceRight() Integer Overflow Exploit
http://securityreason.com/securityalert/8472
HP Onboard Administrator (OA), Remote Unauthorized Access
http://securityreason.com/securityalert/8471
Citect Buffer Overflow in UnitelWay Driver Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026234
REMOTE: Oracle AutoVue 20.0.1 AutoVueX ActiveX Control SaveViewStateToFile Vulnerability
http://www.exploit-db.com/exploits/18016
REMOTE: HP Power Manager 'formExportDataLogs' Buffer Overflow
http://www.exploit-db.com/exploits/18015
DoS/PoC: Google Chrome Denial Of Service (DoS)
http://www.exploit-db.com/exploits/18025
DoS/PoC: MS11-077 Win32k Null Pointer De-reference Vulnerability POC
http://www.exploit-db.com/exploits/18024
DoS/PoC: Google Chrome PoC, killing thread
http://www.exploit-db.com/exploits/18019
DoS/PoC: Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe DoS (Poc)
http://www.exploit-db.com/exploits/18017
Schneider Electric Products UnitelWay Device Driver Local Buffer Overflow
http://www.vupen.com/english/ADV-2011-2216.php
OCS Inventory NG Data Processing Cross Site Scripting Vulnerability
http://www.vupen.com/english/ADV-2011-2215.php
IBM WebSphere Application Server for z/OS WS-Security Vulnerability
http://www.vupen.com/english/ADV-2011-2214.php
Oracle Database Server Database Vault 'DV_ACCTMGR' Privileges Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/50219
Oracle Database 'CTXSYS.DRVDISP' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/50199
Oracle Database CVE-2011-3512 SQL Injection Vulnerability
http://www.securityfocus.com/bid/50203
TYPO3 pdf_generator2 Extension Remote Command Execution and Remote File Disclosure Vulnerabilities
http://www.securityfocus.com/bid/50304
Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/49303
Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49957
Red Hat Linux Kernel CVE-2011-3347 VLAN Packets Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50312
phpMyAdmin Setup Interface Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50175
phpMyAdmin Tracking Feature Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/49306
Progea Movicon Multiple Heap Based Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/49605
Cisco TelePresence Video Communication Server 'User-Agent' HTTP Header HTML Injection Vulnerability
http://www.securityfocus.com/bid/50084
Apple iOS Free Type Font Document Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/50155
X.Org X11 Local Privilege Escalation Vulnerability and Memory Leak Vulnerability
http://www.securityfocus.com/bid/50002
HP Power Manager 'formExportDataLogs' Buffer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37867
Oracle Java SE CVE-2011-3558 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50242
Oracle Java SE CVE-2011-3548 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50211
Oracle Java SE CVE-2011-3551 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50224
Elgg 'limit' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/50327
SportsPHool 'mainnav' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/50325
Mozilla NSS 'NSS_NoDB_Init()' Insecure Library Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/50324
Empathy 'nickname' Field Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50323
Oracle AutoVue 'AutoVueX.ocx' ActiveX Control 'SaveViewStateToFile()' Insecure Method Vulnerability
http://www.securityfocus.com/bid/50321
Opera Web Browser Tree Traversing Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/50320