[SECURITY] [DSA 2352-1] puppet security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2352-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff November 22, 2011

Multiple vulnerabilities in Dolibarr

Vulnerability ID: HTB23056 Reference: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_dolibarr.html Product: Dolibarr Vendor: Dolibarr foundation ( http://www.dolibarr.org/ ) Vulnerable Version: 3.1.0 RC and probably prior Tested Version: 3.1.0 RC Vendor Notification: 02 November

NGS00144 Patch Notification: FFmpeg Libavcodec buffer overflow remote code execution

High Risk Vulnerability in FFmpeg 23 November 2011 Phillip Langlois of NGS Secure has discovered a High risk vulnerability in FFmpeg Impact: Remote code execution Versions affected include: FFmpeg 0.7.8 This issue is addressed in v0.7.8 and v0.8.7, which can be downloaded at:

NGS00145 Patch Notification: FFmpeg Libavcodec out of bounds write remote code execution

High Risk Vulnerability in FFmpeg 23 November 2011 Phillip Langlois of NGS Secure has discovered a High risk vulnerability in FFmpeg Impact: Remote code execution Versions affected include: FFmpeg 0.7.8 This issue is addressed in v 0.7.8 and v0.8.7, which can be downloaded at:

NGS00148 Patch Notification: FFmpeg Libavcodec memory corruption remote code execution

High Risk Vulnerability in FFmpeg 23 November 2011 Phillip Langlois of NGS Secure has discovered a High risk vulnerability in FFmpeg Impact: Remote code execution Versions affected include: FFmpeg 0.7.8 This issue is addressed in v 0.7.8 and v0.8.7, which can be downloaded at:

Wordpress clickdesk-live-support-chat plugin Cross-Site Scripting Vulnerabilities

a bug in Wordpress clickdesk-live-support-chat plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. #

Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities

a bug in Wordpress featurific-for-wordpress plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. ## #

Wordpress enable-latex plugin Remote File Include Vulnerabilities

a bug in Wordpress enable-latex plugin that allows to us to occur a Remote File Include on a Remote machin. #

Wordpress meenews 5.1 plugin Cross-Site Scripting Vulnerabilities

a bug in Wordpress meenews 5.1 plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. #

PmWiki = 2.2.34 (pagelist) Remote PHP Code Injection Vulnerability

--- PmWiki = 2.2.34 (pagelist) Remote PHP Code Injection Vulnerability --- author...: Egidio Romano aka EgiX mail.: n0b0d13s[at]gmail[dot]com

TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181

TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181 Published: 2011/11/16 Version 1.0 Affected products: iTop version 1.1.181, 1.2.0-RC-282 (maybe earlier versions as well) http://sourceforge.net/projects/itop/ References: CVE-2011-4275 - Multiple

[ MDVSA-2011:177 ] freetype2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2011:177 http://www.mandriva.com/security/