Gentoo has issued an update for phpmyadmin. This fixes a vulnerability which can be exploited by malicious people to conduct cross-site scripting attacks.
Update to "dev-db/phpmyadmin-2.6.2_rc1" or later.
SUSE has issued an update for kdelibs3. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service), spoof the URL displayed in an address bar and status bar, or potentially compromise a vulnerable system.
Apply updated packages.
Andreas Constantinides has reported a vulnerability in the zOOm Media Gallery module for Mambo, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed to the "catid" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerability has been reported in version 2.1.2. Other versions may also be affected.
Edit the source code to ensure that input is properly sanitised.
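One way to apply that fix, shown as an added example rather than zOOm Media Gallery's or Mambo's own code: treat "catid" as a positive integer, reject anything else, and pass it to the query as a bound parameter. It is assumed here that "catid" is a numeric category id; the table `gallery_items` and the functions `parse_catid` and `items_for_category` are hypothetical, and an in-memory SQLite database with constructed rows stands in for the real one.

```php
<?php
// Added example: hypothetical table and function names, not zOOm's actual code.
declare(strict_types=1);

// Unsafe pattern the advisory describes (shown for contrast, do not use):
//   $sql = "SELECT id, title FROM gallery_items WHERE catid = " . $_GET['catid'];

/** Return a positive integer category id, or null if the input is not one. */
function parse_catid($raw): ?int
{
    if (!is_string($raw)) {           // arrays (catid[]=...) and missing values
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Fetch items for a category using a bound parameter, never concatenation. */
function items_for_category(PDO $db, $rawCatid): array
{
    $catid = parse_catid($rawCatid);
    if ($catid === null) {
        return [];                    // reject instead of trying to "clean" the value
    }
    $stmt = $db->prepare('SELECT id, title FROM gallery_items WHERE catid = :catid');
    $stmt->bindValue(':catid', $catid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE gallery_items (id INTEGER PRIMARY KEY, catid INTEGER, title TEXT)');
$db->exec("INSERT INTO gallery_items (catid, title) VALUES (1, 'Harbour'), (1, 'Bridge'), (2, 'Private')");

// Constructed inputs: two valid ids, then values that must be rejected.
foreach (['1', '2', '1 OR 1=1', '', '-5'] as $input) {
    $rows = items_for_category($db, $input);
    printf("catid=%-12s -> %d row(s)\n", var_export($input, true), count($rows));
}
```

Only the two well-formed ids reach the database; every other value is dropped before a statement is prepared, and the SQL text itself never contains request data.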