ep's blog

Mailman 2.1.14 released which fixes one security hole


"Mailman 2.1.14 is mainly a bug fix release, but it contains one
security fix as previously announced at

and one new feature."

The security update fixes some cross-site scripting concerns.

"The vulnerabilities are obscure and can only be exploited by a list
owner, but if you are concerned about them you can plan to install the

Security update 2010-005 for Mac OS X Server 10.5, Mac OS X 10.5.8 , Mac OS X Server 10.6 , Mac OS X 10.6.4 released


This security update fixes 8 vulnerabilities in the OS X operating
system. Vulnerabilities could lead to arbitrary code execution, user
credential interception, or host impersonation.

It is recommended that mac users update their computers.


Wordpress 2.9.2 security update


Release overview:

"In add_menu_page(), the callback function gets hooked unconditionally.
$access_level is ignored."

It is recommended to update all versions of Wordpress to the newest
version, 2.9.2. Running version 2.9.1 or earlier should be treated as:

Tabnabbing phishing attack


Apparently, when you move to another tab in your web browser, the tab you were originally using can detect that it has lost focus.  A malicious website can take the opportunity to load new content in the tab, change its title and appear to be a different website.

When you return, if you try to login using your credentials, you could be handing them over to a malicious source.