
Other Security Advisories


Less critical

Description:
Gentoo has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Update to "dev-db/phpmyadmin-2.6.2_rc1" or later.


Highly critical

Description:
SUSE has issued an update for kdelibs3. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service), spoof the URL displayed in an address bar and status bar, or potentially compromise a vulnerable system.

Solution:
Apply updated packages.


Moderately critical

Description:
Andreas Constantinides has reported a vulnerability in the zOOm Media Gallery module for Mambo, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "catid" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability has been reported in version 2.1.2. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.
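
One way to apply this solution to an integer parameter such as "catid", shown as an added example that is not zOOm Media Gallery or Mambo code: the value is validated as an integer and then bound as a query parameter. The table, sample rows and function names are hypothetical, and PHP's PDO with an in-memory SQLite database is assumed so the example runs stand-alone.

```php
<?php
// Added illustration: table, rows and function names are hypothetical,
// not taken from zOOm Media Gallery or Mambo.

// Accept only input that parses as a decimal integer >= 1; otherwise null.
function parse_catid($raw): ?int
{
    if (!is_string($raw)) {
        return null; // missing value or array input such as catid[]=1
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function images_in_category(PDO $db, $rawCatid): array
{
    $catid = parse_catid($rawCatid);
    if ($catid === null) {
        throw new InvalidArgumentException('catid must be a positive integer');
    }
    // The flaw class in the advisory is a raw parameter used in a SQL query.
    // Here the value is validated, then bound as an integer placeholder.
    $stmt = $db->prepare('SELECT name FROM images WHERE catid = :catid ORDER BY name');
    $stmt->bindValue(':catid', $catid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE images (name TEXT, catid INTEGER)');
$db->exec("INSERT INTO images VALUES ('beach.jpg', 1), ('city.jpg', 2)");

// Constructed inputs: two valid ids, then values that must be rejected.
foreach (['1', '2', '1 OR 1=1', '', ['1']] as $input) {
    try {
        $result = json_encode(images_in_category($db, $input));
    } catch (InvalidArgumentException $e) {
        $result = 'rejected: ' . $e->getMessage();
    }
    printf("%-12s => %s\n", json_encode($input), $result);
}
```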

