Blogs

Mailman 2.1.14 released which fixes one security hole

https://launchpad.net/mailman/2.1/2.1.14

"Mailman 2.1.14 is mainly a bug fix release, but it contains one
security fix as previously announced at

and one new feature."

The security update fixes some cross-site scripting concerns.

"The vulnerabilities are obscure and can only be exploited by a list
owner, but if you are concerned about them you can plan to install the
patch."

Security update 2010-005 for Mac OS X Server 10.5, Mac OS X 10.5.8 , Mac OS X Server 10.6 , Mac OS X 10.6.4 released

http://support.apple.com/kb/HT4312

This security update fixes 8 vulnerabilities in the OS X operating
system. Vulnerabilities could lead to arbitrary code execution, user
credential interception, or host impersonation.

It is recommended that mac users update their computers.

Thanks,
Brian

Security update 2010-005 for Mac OS X Server 10.5, Mac OS X 10.5.8 , Mac OS X Server 10.6 , Mac OS X 10.6.4 released

http://support.apple.com/kb/HT4312

This security update fixes 8 vulnerabilities in the OS X operating
system. Vulnerabilities could lead to arbitrary code execution, user
credential interception, or host impersonation.

It is recommended that mac users update their computers.

Thanks,
Brian

APPLE-SA-2010-09-15-1 QuickTime 7.6.8

http://support.apple.com/kb/HT4339

"APPLE-SA-2010-09-15-1 QuickTime 7.6.8

QuickTime 7.6.8 is now available and addresses the following:

QuickTime
CVE-ID: CVE-2010-1818
Available for: Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution "

CVE-2010-3069 Samba: Stack-based buffer overflow by processing specially-crafted SID records

https://www.redhat.com/security/data/cve/CVE-2010-3069.html

"A missing array boundary checking flaw was found in the way Samba parsed
the binary representation of Windows security identifiers (SIDs). A
malicious client could send a specially-crafted SMB request to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-3069)"

Security update 2010-005 for Mac OS X Server 10.5, Mac OS X 10.5.8 , Mac OS X Server 10.6 , Mac OS X 10.6.4 released

http://support.apple.com/kb/HT4312

This security update fixes 8 vulnerabilities in the OS X operating
system. Vulnerabilities could lead to arbitrary code execution, user
credential interception, or host impersonation.

It is recommended that mac users update their computers.

Thanks,
Brian

APPLE-SA-2010-09-15-1 QuickTime 7.6.8

http://support.apple.com/kb/HT4339

"APPLE-SA-2010-09-15-1 QuickTime 7.6.8

QuickTime 7.6.8 is now available and addresses the following:

QuickTime
CVE-ID: CVE-2010-1818
Available for: Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution "

CVE-2010-3069 Samba: Stack-based buffer overflow by processing specially-crafted SID records

https://www.redhat.com/security/data/cve/CVE-2010-3069.html

"A missing array boundary checking flaw was found in the way Samba parsed
the binary representation of Windows security identifiers (SIDs). A
malicious client could send a specially-crafted SMB request to the Samba
server, resulting in arbitrary code execution with the privileges of the
Samba server (smbd). (CVE-2010-3069)"

Pages