A vulnerability in Gzip could lead to remote code execution. This is
especially critical for services that automatically gunzip files as part
of vulnerability scanning.
Multiple OS versions are affected.
It is recommended that the latest available version of gzip be applied
to systems which use Gzip.
This remote code execution vulnerability only affects IE5 and IE6.
Please see the link above for more information.
It is recommended that users of IE5 or IE6 patch to the latest version,
upgrade to IE8 or use an alternative browser to mitigate this risk.
In addition to [NET #1667] VMSA-2010-0002, VMware announced an update to
VMSA-2009-0016.2. This announcement covers 93 CVE vulnerabilities (31
duplicated from VMSA-2010-0002).
The first time I heard about User Private Groups (UPG) is when I was installing one of my first Red Hat Linux systems when I was in college. As a seasoned Solaris administrator, I thought it was very odd that Red Hat didn't put my users into a default group of staff. And then they wanted to change my umask from 022 to 002? What the heck, that doesn't sound secure?
"VMware would like to announce the availability of a public draft for the vSphere 4.0 Security Hardening Guide. This guide represents a new approach to providing security guidance from VMware."