Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting Continue Reading — Debian LTS: DLA-2229-1: php-horde-gollem security update>

The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. Continue Reading — Debian LTS: DLA-2228-1: json-c security update>

An update that solves one vulnerability and has one errata is now available. Continue Reading — openSUSE: 2020:0746-1: libmspack>

New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation. Continue Reading — Fedora 31: marked FEDORA-2020-5eca570e16>

New version 3.2.4, enabled build with androiddump. Continue Reading — Fedora 31: wireshark FEDORA-2020-ca3d3f15f0>

New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation. Continue Reading — Fedora 32: marked FEDORA-2020-d714c08261>

New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation. Continue Reading — Fedora 32: marked FEDORA-2020-d714c08261>

Security fix for https://www.drupal.org/sa-core-2020-002 and https://www.drupal.org/sa-core-2020-003 Continue Reading — Fedora 32: drupal7 FEDORA-2020-11be4b36d4>

Security fix for https://www.drupal.org/sa-core-2020-002 and https://www.drupal.org/sa-core-2020-003 Continue Reading — Fedora 32: drupal7 FEDORA-2020-11be4b36d4>

Several vulnerabilities were discovered in BIND, a DNS server implementation. Continue Reading — Debian LTS: DLA-2227-1: bind9 security update>