Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-04-16 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Apple's latest release to OS X; phpBB posts new release

Published: 2005-04-16
Last Updated: 2005-04-16 23:55:15 UTC
by Tony Carothers (Version: 1)
0 comment(s)
New releases from a couple of vendors, otherwise a relatively quiet day.

Apple's latest release delivers security fixes



With the recent release of Mac OS X v10.3.9, and Mac OS X v10.3.9 Server, Apple has addressed several security vulnerabilities. The vulnerabilities, CVE ID#'s CAN-2005-0969 thru CAN-2005-0976, address both kernel and browser vulnerabilities.


Details of the recent release, along with specific vulnerability detals, can be found at
http://docs.info.apple.com/article.html?artnum=61798



The updates can be found at
http://www.apple.com/support/downloads/

phpBB Group posts release 2.0.14



http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=281963



The "We know we are (not) furry" release includes both bugfixes and non-critical security issues. The changelog, shown below, is from the phpbb website.

-----

-Hardened author and keyword search a bit to not allow very server intensive searches

-Fixed full path disclosure in bad word parsing

-Resetting complete userdata array in session code if authentication fails

-Fixed bug in moderator control panel where certain parameters could lead to an "error creating new session" sql error

-Fixed bug in session code where empty page ids could lead to an "error creating new session" sql error

-Fixed html handling in signatures if html is turned off globally

-Fixed install.php problem with PHP5 register_long_arrays option turned off

-Fixed potential issues with styling system

-Added correct class to login_body template file

-Removed file db/oracle.php from package

-Removed version number from message body page in /admin (if user is not an admin) - mikelbeck

-Fixed case-sensitivity issues in postgres7.php - R45
-----





Tony Carothers

ISS, Inc.

Handler on Duty

tony dot carothers at gmail dot com
Keywords:
0 comment(s)
Diary Archives