The H Open Source reports that a flaw in the 1.0 branch of OpenSSL can potentially be exploited to compromise clients and even execute injected code
Another small vulnerability has been discovered in ispCP Omega 1.0.5 while running in DEBUG mode
A security patch has been released for ispCP Omega 1.0.5
PC World reports that Adobe has released a patch that addresses a number of vulnerabilities in versions of its Acrobat Pro/Reader
PC World reports that a new backdoor Trojan is out in the wild
Wine release 1.2 Release Candidate 3 has been released. Here the release announcement:
Clement Nedelcu posted a blog entry about a potential security issue with the Nginx webserver running PHP via FastCGI
The Inquirer reports that the latest Nvidia Linux driver have a security problem under Gentoo Linux
Rapid7, which says it discovered the flaw in the Linux graphics driver, says risk goes back to 2004.
Exploit code released for Nvidia flaw
Exploit code released for Nvidia flaw
MySQL AB this week issued a security patch for multiple vulnerabilities in its MySQL open-source database.
MySQL patches buffer overflow flaws
MySQL patches buffer overflow flaws
Email Battles posted a story on the Firefox 1.5.0.3 patch
Developers urge PostgreSQL users to update their installations immediately to protect themselves.
Open-source database issues 'critical' fix
Open-source database issues 'critical' fix
Open-source AppArmor tool promises to help fend off intruders by putting restrictions on software that's running.
Novell delivers security shield for Linux computers
Novell delivers security shield for Linux computers
Thanks Spunz. A HylaFAX security update has been released:
The HylaFAX development team is pleased to announce our 4.2.4 patch level release! As always, our sincerest thanks go to all who participate and provide feedback.
The source code for the 4.2.4 release can be downloaded from:
ftp://ftp.hylafax.org/source/hylafax-4.2.4.tar.gz
(md5: 1cda04f9faf643095b918956bacf1cf2 1,450,465 bytes)
The README from this release follows. Please read it carefully.
The HylaFAX development team is pleased to announce our 4.2.4 patch level release! As always, our sincerest thanks go to all who participate and provide feedback.
The source code for the 4.2.4 release can be downloaded from:
ftp://ftp.hylafax.org/source/hylafax-4.2.4.tar.gz
(md5: 1cda04f9faf643095b918956bacf1cf2 1,450,465 bytes)
The README from this release follows. Please read it carefully.
Dyad Security on Wednesday posted an advisory about a potentially serious flaw in the open-source scripting language Perl but some security experts say they find the vulnerability unlikely.
Concerns raised over Perl security flaw
Concerns raised over Perl security flaw
"Lupper" takes advantage of vulnerabilities in Web server software to propagate and install a backdoor.
New worm targets Linux systems
New worm targets Linux systems
Cornell researchers discovered that the average domain name is directly served by only two owner-controlled Domain Name Servers, but indirectly dependent on 46 servers. Thus, they say, a domain name can often be stolen by hijacking the two servers of the 46 that are most poorly maintained
DNS' Biggest Threats: You, Me, and Them
DNS' Biggest Threats: You, Me, and Them
A vulnerability in the popular open-source intrusion detection software could let an outsider commandeer an affected system.
Networks at risk from Snort bug
Networks at risk from Snort bug
Email Battles send words that many Linux systems are at risk because of a LDAP security problem
OSNews reports that no Hyper Threading vulnerability is in Linux Kernel
