Other Security Advisories

Less critical

Description:
Gentoo has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Update to "dev-db/phpmyadmin-2.6.2_rc1" or later.

Highly critical

Description:
SUSE has issued an update for kdelibs3. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service), spoof the URL displayed in an address bar and status bar, or potentially compromise a vulnerable system.

Solution:
Apply updated packages.

Moderately critical

Description:
Andreas Constantinides has reported a vulnerability in the zOOm Media Gallery module for Mambo, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "catid" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability has been reported in version 2.1.2. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.
