search for: vulerabilities

Asterisk Project Security Advisory - AST-2017-007 Product Asterisk Summary Remote Crash Vulerability in res_pjsip Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate

Hi. I frequently convert date and time data to and from character representations. I'm frustrated with chron, because 'seconds' are required to create a time object (my input data never has seconds). More importantly, I cannot make chron print the format 12/30/2006 (which my output data requires). I really like the format flexibility of strftime() and strptime(), but of course

Hi I'd like to know if the present version of Bind in CentOS 6 (bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776. According to https://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) as of Sep 2014. Regards ian

Hi! Since linux-flashplugin7 r63 is vulnerable according to http://vuxml.FreeBSD.org/7c75d48c-429b-11db-afae-000c6ec775d9.html isn't www/linux-seamonkey vulerable, too (it seems to include 7 r25)? Bye Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com

...t ============================================================= You can build openldap-client-2.2.15 with the following options: WITH_SASL with (Cyrus) SASL2 support ============================================================= Dependency warning: used OpenSSL version contains known vulerabilities Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT *** Error code 1 Stop in /usr/prts/net/openldap22-client. *** Error code 1 Stop in /usr/ports/net/samba3. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ OK. I Googled for this problem with all sorts of...

Hi Timo, reading this http://www.kuketz-blog.de/perfect-forward-secrecy-mit-apple-mail/ it looks like DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA can be forced in use with apple mail ( if no ECDHE is possible ,by missing openssl 1.x etc, seems that apple mail tries ECDHE first if fails its going to use RSA-AES128-SHA ) force soltution as tried ssl_cipher_list =

Having a god-awful time installing Rails. I started with the instructions found on this page: http://articles.slicehost.com/2007/11/23/ubuntu-gutsy-mysql-and-ror I get the following error: vbfischer@ubuntu:~$ sudo gem install rails [sudo] password for vbfischer: Bulk updating Gem source index for: http://gems.rubyforge.org/ Updating metadata for 13 gems from http://gems.rubyonrails.org/

Hi everyone, Microsoft is going to tighten their AD LDAP binding security in mid-January 2020 [1][2]. I am wondering if this change is identical or similar to the "ldap server require strong auth=yes" parameter in smb.conf. Or if it more like "ldap server require strong auth=allow_sasl_over_tls". From [1] : """ Summary LDAP channel binding and LDAP

Hi, Recently some security issues with bind have come up. NetBSD patched it's version of 9.3.0: http://mail-index.netbsd.org/source-changes/2005/01/27/0009.html Is the version in RELENG_5 not affected? (ftp://ftp.isc.org/isc/bind/9.3.0/9.3.0-patch1) Bye, Mipam.

Hi, We are using CentOS 5.5 as a base OS for one of our products.The version of Glibc we are using was glibc-2.5-123.el5_11.1. We wanted to see whether this glibc is vulerable to CVE-2015-1781. I have gone through re-documentation & came across the following link https://access.redhat.com/security/cve/cve-2015-1781 In the link it is mentioned that, the CVE will not be fixed in Red-Hat 5

my ports database seems to have become broken. I'm running -stable, but haven't rebuilt the system in a year or so (I know, security vulerabilities, but the box has been shelved in this time). anyhow, at this point, I can't do even a make clean in ports, or build portupgrade. I fetched portupgrade with pkg_add hoping that running pkgdb -F would sort things out, but it errors with: ** Error occured reading /usr/local/etc/pkgtools.conf:...

Hi, FYI - don't sue me for posting this here - I know, everyone who needs this info *should* have it already, but maybe not ;-) Kind regards, B. Courtin -- OpenSSL Security Advisory [30 July 2002] This advisory consists of two independent advisories, merged, and is an official OpenSSL advisory. Advisory 1 ========== A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are

I am currently NOT using SSL on my Samba domain. While reading "Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC" and thinking about implementing. I'm having trouble "getting my head" around what certificates go where. Simply put, I am not clear as to generating certificates on the clients and then copy which files to to the server or vice versa? What happens when

Hi debug-info folks, Time for another update on the variable location "instruction referencing" implementation I've been doing, see this RFC [0, 1] for background. It's now at the point where I'd call it "done" (as far as software ever is), and so it's a good time to look at what results it produces. And here are the scores-on-the-doors using llvm-locstats, on

Awesome to read how it's coming along - I'm mostly aside from the debug location work, but had just one or two clarifying questions On Fri, Nov 6, 2020 at 10:27 AM Jeremy Morse <jeremy.morse.llvm at gmail.com> wrote: > > Hi debug-info folks, > > Time for another update on the variable location "instruction referencing" > implementation I've been doing,