-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3673-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 22, 2016
BT Wifi Extenders - 300, 600 and 1200 models - Cross Site Scripting
leading to disclosure of PSK.
A firmware update is required to resolve this issue.
The essential problem is that if you hit the following URL on your
wifi extender, it will pop up a whole load of private data, including
your PSK.
IE11 is not following CORS specification for local files like Chrome
and Firefox.
I've contacted Microsoft and they say this is not a security issue so
I'm sharing it.
>From my tests IE11 is not following CORS specifications for local
files as supposed to be.
In order to prove I've created a malici
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] irssi (SSA:2016-265-03)
New irssi packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05270839
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05270839
Version: 1
HPSBHF03646 rev.1 - HPE Com
Title: Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-15
Download Site: http://huge-it.com/joomla-video-gallery/
Vendor: www.huge-it.com, fixed v1.1.0
Vendor Notified: 2016-09-17
Vendor Contact: i...@huge-it.com
Descript
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05273584
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05273584
Version: 2
HPSBGN03645 rev.2 - HPE Hel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] pidgin (SSA:2016-265-01)
New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3672-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 21, 2016