Language Selection

English French German Italian Portuguese Spanish

Other Security Advisories

Filed under
Security

Less critical

Description:
Gentoo has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attack.

Solution:
Update to "dev-db/phpmyadmin-2.6.2_rc1" or later.

Link

Hightly Critical

Description:
SUSE has issued an update for kdelibs3. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service), spoof the URL displayed in an address bar and status bar, or potentially compromise a vulnerable system.

Solution:
Apply updated packages.

Link

Moderately critical

Description:
Andreas Constantinides has reported a vulnerability in the zOOm Media Gallery module for Mambo, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "catid" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability has been reported in version 2.1.2. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Link

More in Tux Machines

today's leftovers

Ninja Blocks prepares to begin shipping, announces major Ubuntu IoT deal

Ninja Blocks has begun shipping the Ninja Sphere and announced it has signed up as a key partner for Canonical’s Ubuntu Core embedded device operating system, as it opens its first office in the US. The startup launched in 2012, when it was selected to participate the Startmate accelerator program, and also smashed a Kickstarter campaign for its first product, which was also called Ninja Blocks. Read more

Netrunner 14.1 – Main Edition (Frontier)

The “14.1” indicates an updated and polished release of Netrunner 14 LTS on the same underlying base. Since 14.1 is using the same base “trusty” like Netrunner 14, there is no need for users of 14 to migrate: Simply updating from the shared backports ppa of the Frontier release cycle should give the same result, while keeping customizations in place. Read more

Wayland 1.6.1 & Weston 1.6.1 Released

Bryce Harrington, the former Canonical employee part of Ubuntu's X/Mir team turned Samsung open-source employee, has issued the first maintenance update for Wayland 1.6. Wayland 1.6.1 and the reference compositor Weston 1.6.1 were released on Friday night by Harrington. The Wayland 1.6.1 stable update has just over a dozen changes and they're mostly tiny bug-fixes/corrections but there is also improved handling for some error situations between servers and clients. The brief Wayland 1.6.1 release announcement can be read on the Wayland mailing list. Read more