Language Selection

English French German Italian Portuguese Spanish

Latest Secunia Security Advisories

Filed under
Security

Highly critical

  1. Gentoo update for pound fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
  2. Link

  3. Mandriva update for xpm fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

Link

Less critical

  1. Gentoo updates for horde, horde-vacation, horde-turba, horde-passwd, horde-nag, horde-mnemo, horde-kronolith, horde-imp, horde-accounts, horde-forwards and horde-chora. These fix a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
  2. Link

  3. Gentoo: A security issue has been reported in phpmyadmin, which can be exploited by malicious, local users to disclose sensitive information.

    The problem is that the file "[version]_create.sql" is left world-readable with the password for the pma user after the installation process.

    Solution:
    Change password for the MySQL pma user (see original advisory) and update to "dev-db/phpmyadmin-2.6.2-r1" or later.

  4. Link

  5. Mandriva update for perl fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
  6. Link

  7. Mandriva update for squid fixes two vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or cause a DoS (Denial of Service).
  8. Link

More in Tux Machines

7 killer open source monitoring tools

Network and system monitoring is a broad category. There are solutions that monitor for the proper operation of servers, network gear, and applications, and there are solutions that track the performance of those systems and devices, providing trending and analysis. Some tools will sound alarms and notifications when problems are detected, while others will even trigger actions to run when alarms sound. Here is a collection of open source solutions that aim to provide some or all of these capabilities. Read more

Reader Forum: Accelerating ‘IoT’ with an open-source, embedded platform for connected applications

Providing an end-to-end solution for building and deploying new connected applications extremely quickly, at scale, and at a fraction of the cost compared to conventional processes is key to streamlining M2M development. And, using an open-source, Linux-based platform, companies can run applications on any vendor’s hardware and use any cloud management platform. Read more

REPRISE OF AKADEMY 2014: ARTIKULATE

Even when it sounds like KDE Akademy is a just big party, we have been very productive as well. During the birds-of-a-feather (BoF) session on user experience, we discussed usability and visual design for some projects. Here we want to report about the first one: Artikulate. Read more

Technology on a Diet: 5 Reasons to Embrace Open Source

Sharing information in the name of innovation isn’t anything new. Collaborative intelligence helped publish the Oxford English Dictionary, spur advances in 19th century science and powered the world’s first automobile. Even Ben Franklin insisted on donating his bifocals and lightning rod to the public domain, likely dubbing him America’s first open-source advocate. The notion of “open source” predates software and the Internet by centuries, yet many of today’s largest government IT shops are still reluctant to turn to open alternatives from proprietary software, even in the face of shrinking budgets, overworked staff and heightened citizen expectations. Read more