HP Security Bulletin HPSBMU02786 SSRT100877 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux, Windows, and VMware ESX. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 2 of this advisory.
5dbefc2f5ce267adce1e15986e02edbb8a3cd8b62ebf6a7c096957f60f594794
Red Hat Security Advisory 2013-0217-01 - These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW. IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release.
1cd549ed331d887cc45d0de02f4cca9d6965b1454f082a5f2089b316b13ce1f0
Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.
8b08f2840773bcd43aa00f4439e1687a278652e1b463a125bb95947245e9cf9b
Apple Security Advisory 2012-09-19-1 - iOS 6 is now available and addresses CFNetwork, CoreGraphics, CoreMedia, DHCP, and many other vulnerabilities.
948802ec7f4f098a6e019e724692dd60eae2f16a84688f9bf9597fcc368ca8d8
VMware Security Advisory 2012-0012 - VMware ESXi update addresses several security issues.
5b4b01c7d05b407f2019d9dcb62997fbe3639d1b4af2d9e365e42c1b2fc8c4ac
HP Security Bulletin HPSBMU02786 SSRT100877 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 1 of this advisory.
856251204fbecc5944b74b48232e96b353c5844f102f2b4ea9de3e11e27b5a7d
Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.
8a1ec648cdab00dde0f7ff37efd462d6ad93a16f2b5d89ca92fb566b939516e3
Debian Linux Security Advisory 2394-1 - Many security problems had been fixed in libxml2, a popular library to handle XML data files.
d5fae078b6c0ad6c78c51df892f7929b0be7131a3570eaff8a688d24b8f71737
Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.
828483a1a6bbf8065e049dfca2a65efa7ca35f2fa4a558adde9549639c05bfb7
Red Hat Security Advisory 2011-1749-03 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
eead364c20b8882241bccb8d72225a276f21d753a5bf3d9380c0d34f4174d01e
Gentoo Linux Security Advisory 201110-26 - Multiple vulnerabilities were found in libxml2 which could lead to execution of arbitrary code or a denial of service. Versions less than 2.7.8-r3 are affected.
050494453335042c55ed9e7f4f854af7f652eca09139b2bdd8a9211d1635b4ac
Mandriva Linux Security Advisory 2011-145 - Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling.
7089c6078eada2d879d785797ce58b1ae24e889eb5df5e26625fccb3e2851e1d