ArchLinux security advisories

Hey all!
I've noticed that there is not much related to the security aspect of ArchLinux as of yet... security upgrades notices or whatnot. I've been involved with Arch now for a few months, and I really enjoy the distribution and would like to contribute in some way.
I do work as a security professional, and would like to take a look at:
1) Integrating SELinux into the kernel.
  I'm not sure how much interest there is into integrating SELinux into the default kernel and making sure the policy matches up with Arch.
2) Trying to get an active security maintenance list up and going.
I've noticed for the most part that major advisories are taken care of right away, without much notice to the users. However, other packages fall through the cracks (Take today's Firefox update to 1.5.0.2... updated by the end of the day, but Thunderbird, also vulnerable to the same buffer overflows and exploits due to a common codebase, was not updated) I'm not sure if everyone is assumed to be running a system sync on a daily or weekly basis. How is the security notification being handled as of yet?
I do not want to come off as critical at all! Thus far I've truly enjoyed using this distribution, and would like to find a way that I can give back to the community, especially since I am not a programmer.
Thoughts, ideas, suggestions? All welcome!
-James

jfryman wrote: I've noticed that there is not much related to the security aspect of ArchLinux as of yet... security upgrades notices or whatnot.
It is true that there is not much done for security. However, simply because Arch is bleeding edge, every vulnerable program will be fixed as soon as it is updated (assuming that the authors fix the bug).
I've been involved with Arch now for a few months, and I really enjoy the distribution and would like to contribute in some way.
I do work as a security professional, and would like to take a look at:
1) Integrating SELinux into the kernel.
  I'm not sure how much interest there is into integrating SELinux into the default kernel and making sure the policy matches up with Arch.
There is one thing you can do. You can create packages that provide SELinux functionality and publish them. As long as they go the Arch way of simplicity, things might have a good chance to be integrated into the distribution.
There is the kernel, but I believe (without knowing much about SELinux) that there are other modifications necessary. If you keep the number of modifications necessary low and don't break non-SELinux Arch, I think integration into Arch will be likely.
You say you are a security professional, so with your knowledge and experience in that area, you can start this and maybe others will help. You will see quickly how many people are interested.
2) Trying to get an active security maintenance list up and going.
The problem is, you have to find someone who is in charge of such a list. If you volunteer, that will not be a big problem. I don't think the devs will spend even more of their time on this, but if you can establish a security team that will surely be appreciated.
I've noticed for the most part that major advisories are taken care of right away, without much notice to the users. However, other packages fall through the cracks (Take today's Firefox update to 1.5.0.2... updated by the end of the day, but Thunderbird, also vulnerable to the same buffer overflows and exploits due to a common codebase, was not updated) I'm not sure if everyone is assumed to be running a system sync on a daily or weekly basis. How is the security notification being handled as of yet?
The Mozilla team has not released an updated version of Thunderbird yet, but it is likely they will do so soon - and Arch will be updated.
I do not want to come off as critical at all! Thus far I've truly enjoyed using this distribution, and would like to find a way that I can give back to the community, especially since I am not a programmer.
Criticism is important to ensure the ongoing improvement of a project such as Arch. And I think everyone here appreciates constructive criticism.

Similar Messages

  • Security Advisories RSS problem

    Dear all,
    I cannot download Security Advisories RSS Content using Microsoft Outlook 2007. Does anyone have the same problem?
    Thanks and best regards!,

    Dear Kglad,
    Thanks for your instant reply. As I have already mentioned, I have tried with crossdomain.xml.
    If you want to check the crossdomain and the fla files then I will mail you the details; please provide me the email address.
    Once again thanks
    Regards
    Raj

  • How I can contact Account Security Advisor know that you contacted iTunes Store Support to let them know that I contacted iTunes Store Support by email

    How I can contact Account Security Advisor know that you contacted iTunes Store Support to let them know that I contacted iTunes Store Support by email ?

    The case number that you were provided, which is linked to either your device or your contact information (like your email address), is how Apple Advisors keep track of your contact with their departments.  When they bring up either the case number or your contact information, all of that is supposed to be linked together.

  • IOS-XE version numbers (specifically as they relate to Security Advisories)

    I am working through all the recent security advisories and I am having a little trouble discerning between the IOS-XE version numbers and the other numbers on the page. For example in the following: https://tools.cisco.com/bugsearch/bug/CSCur27466 it states that "3.6.xE Not Vulnerable" but if you read further down the page to the details section it then states 
    Known Affected Releases: (4)
    15.2(2)E
    15.4(1)S
    15.4(2)S
    I am under the impression that 3.6.xE and 15.2(2)E are the same software and the 15.2(2)E is just a mapping to relate it to the classic IOS version numbering.
    Is the bug information incorrect or are those two truly two separate pieces of software and one is vulnerable while the other is not? Please keep in mind the bug above is just an example. I am running into this with quite a few other bugs that are related to IOS-XE.

    Hi Davek,
    In your platform options file, for the frameworks you need to link to weakly, you may try using -weak_framework linker option. eg.
    <option>-weak_framework Twitter</option>
    Using -framework will always link to the framework strongly, despite the setting used while compiling the native library in XCode.
    In general, in this file, you can use the linker options in the way they are provided to ld command.
    Hope this helps.

  • HT1937 Account Security Advisor??

    Hi, I don't remember my security answer, and I would like to call the Apple Account Security Advisor, but Apple doesn't have support in Oman. Is there any other way to get in touch with Account Security Advisor??

    SECURITY QUESTIONS
    Read this note for information on how to reset the security questions http://support.apple.com/kb/HT5312
    This user tip may also help you http://discussions.apple.com/docs/DOC-4551
    If you do not have a rescue email then contact Apple http://www.apple.com/emea/support/itunes/contact.html  or   https://expresslane.apple.com/Issues.action

  • About MS Updates, Security Bulletins, Rollups, & Security Advisories

    Example:
    The better "knowledge base" article that describes the vulnerability  https://technet.microsoft.com/library/security/2264072
    The article that actually has the downloads http://support.microsoft.com/en-us/kb/982316
    Why are these not pushed out through the Microsoft Update Catalog or any of the update catalogs? I can give a list of other updates that I have to manually configure. Yes, I understand it can be imported into various utilities, WSUS, SCCM, but why not out
    through a catalog as well?

    Unfortunately your post is off topic as it's not specific to Microsoft Training and Certification.  
    This is a standard response I’ve written in advance to help the many people who post their question in this forum in error, but please don’t ignore it.  The links I provide below will help you determine the right forum to ask your question in.
    For technical issues with Microsoft products that you would run into as an end user, please visit the Microsoft Answers forum ( http://answers.microsoft.com ) which has sections for Windows, Hotmail,
    Office, IE, and other products.
    For Technical issues with Microsoft products that you might have as an IT professional (like technical installation issues, or other IT issues), please head to the TechNet Discussion forums at http://social.technet.microsoft.com/forums/en-us, and
    search for your product name.
    For issues with products you might have as a Developer (like how to talk to APIs, what version of software do what, or other developer issues), please head to the MSDN discussion forums at http://social.msdn.microsoft.com/forums/en-us, and
    search for your product or issue.
    If you’re asking a question particularly about one of the Microsoft Dynamics products, a great place to start is here: http://community.dynamics.com/ 
    If you think your issue is related to Microsoft Training and Certification and I've flagged it as Off-topic, I apologise.  Please repost your question and include as much detail as possible about your problem so that someone can assist you further. 
    If you really have no idea where to post your question please visit the Where is the forum for…? forum http://social.msdn.microsoft.com/forums/en-us/whatforum/
    When you see answers and helpful posts, please click Vote As Helpful,
    Propose As Answer, and/or Mark As Answer
    Jeff Wharton
    MSysDev (C.Sturt), MDbDsgnMgt (C.Sturt), MCT, MCSE: Data Platform & Business Intelligence
    Blog: Mr. Wharty's Ramblings
    Twitter: @Mr_Wharty
    MC ID:
    Microsoft Transcript

  • I need to delete my Apple ID on my iPhone 4.  I forgot my psw for my account.  When I answer the security question, the system responds incorrect answer.  I created a new Apple iTunes account but I am still unable to delete the old iTunes account.

    I need to delete my Apple ID on my iPhone 4.  I forgot my psw for my account.  When I answer the security question, the system responds incorrect answer.  I created a new Apple iTunes account but I am still unable to delete the old iTunes account.

    AppleFAN7591 wrote:
    I need to delete my Apple ID on my iPhone 4.  I forgot my psw for my account.  When I answer the security question, the system responds incorrect answer.  I created a new Apple iTunes account but I am still unable to delete the old iTunes account.
    How to reset your Apple ID password.
    Go to iforgot.apple.com and type in your Apple ID, then click 'Next'.
    Verify your date of birth, then click 'Next'.
    You'll be able to choose one of two methods to reset your password, either E-Mail Authentication or Answer Security Questions.
    If neither method works, then go to https://getsupport.apple.com
    (If you see a message that says 'There are no products registered to this Apple ID', simply click on 'See all products and services')
    Choose 'More Products & Services', then 'Apple ID'.
    A new page will open.
    Choose 'Other Apple ID Topics', then 'Lost or forgotten Apple ID password'.
    Click the blue 'Continue' button.
    Select the contact option that suits your needs best.
    How to reset your Apple ID security questions.
    Go to appleid.apple.com, click on the blue button that says 'Manage Your Apple ID'.
    Log in with your Apple ID and password. (If you have forgotten your Apple ID password, go to iforgot.apple.com first to reset your password with a password recovery email)
    Go to the Password & Security section on the left side, and click on the link underneath the security questions that says 'Forgot your answers? Send reset security info email to [email]'.  This will generate an automated e-mail that will allow you to reset your security questions.
    If that doesn't work, or  there is no rescue email link available, then click on 'Temporary Support PIN' that is in the bottom left side, and generate a 4-digit PIN for the Apple Account Security Advisor you will be contacting later.
    Next, go to https://getsupport.apple.com
    (If you see a message that says 'There are no products registered to this Apple ID', simply click on 'See all products and services')
    Choose 'More Products & Services', then 'Apple ID'.
    A new page will open.
    Choose 'Other Apple ID Topics', then 'Forgotten Apple ID Security Questions'.
    Click the blue 'Continue' button.
    Select the contact option that suits your needs best.

  • Please can someone tell me how to retrieve my security question??

    forgot my security question answer what I do now?

    How to reset your Apple ID security questions
    Go to appleid.apple.com and click on the blue button that says 'Manage Your Apple ID'.
    Log in with your Apple ID and password. If you have forgotten your Apple ID password, go to iforgot.apple.com first to reset your password with a password recovery email.
    Go to the Password & Security section on the left side, and click on the link underneath the security questions that says 'Forgot your answers? Send reset security info email to [email]'.  This will generate an automated e-mail that will allow you to reset your security questions. 
    If that doesn't work, or  there is no rescue email link available, then:
    click on 'Temporary Support PIN' that is in the bottom left side, and generate a 4-digit PIN for the Apple Account Security Advisor you will be contacting later. 
    Next, go to getsupport.apple.com. If you see a message that says 'There are no products registered to this Apple ID', simply click on 'See all products and services'.
    Choose 'More Products & Services', then 'Apple ID'.
    A new page will open.  Choose 'Other Apple ID Topics', then 'Forgotten Apple ID Security Questions'.
    Click the blue 'Continue' button.
    Select the contact option that suits your needs best.
    The above information quoted with gratitude from TJBUSMC1973, another user in these forums.
    Forum Tip: Since you're new here, you've probably not discovered the Search feature available on every Communities page, but next time, it might save you time (and everyone else from having to answer the same question multiple times) if you search a couple of ways for a topic, both in the relevant forums and in the Apple Knowledge Base before you post a question.
    Regards.

  • How do you change your security questions for your Apple ID ?

    How do you change your security questions under your Apple ID

    How to reset your Apple ID security questions.
    Go to appleid.apple.com, click on the blue button that says 'Manage Your Apple ID'.
    Log in with your Apple ID and password. (If you have forgotten your Apple ID password, go to iforgot.apple.com first to reset your password with a password recovery email)
    Go to the Password & Security section on the left side, and click on the link underneath the security questions that says 'Forgot your answers? Send reset security info email to [email]'.  This will generate an automated e-mail that will allow you to reset your security questions.
    If that doesn't work, or  there is no rescue email link available, then click on 'Temporary Support PIN' that is in the bottom left side, and generate a 4-digit PIN for the Apple Account Security Advisor you will be contacting later.
    Next, go to https://getsupport.apple.com
    (If you see a message that says 'There are no products registered to this Apple ID', simply click on 'See all products and services')
    Choose 'More Products & Services', then 'Apple ID'.
    A new page will open.
    Choose 'Other Apple ID Topics', then 'Forgotten Apple ID Security Questions'.
    Click the blue 'Continue' button.
    Select the contact option that suits your needs best.

  • Upgrade to Photoshop Elements 10 - Security Advisory for PSE 8 and earlier

    https://www.adobe.com/support/security/advisories/apsa11-03.html
    Based on the aforementioned advisory, those of you using Photoshop Elements 8, or earlier, should probably upgrade to v10 (or at least 9). Although it has been stated that, "Adobe is not aware of any attacks exploiting these vulnerabilities against Adobe Photoshop Elements to date", it seems silly to run software that contains one or more known critical vulnerabilities and Adobe is NOT going to fix the issue since PSE 8 and earlier versions are no longer supported. Nice of Adobe not to bother fixing a vulnerability in one of their software products when the version involved is only ~2 years old (PSE 8) but the mentality appears to be one designed to virtually force users to pay for upgrades every year or two. FWIW.....

    I admit that it is rather strange that they just issued that advisory when they probably knew about it when pse 8 was still being sold.
    Since pse 8 shares much of the code of cs4, look at the date on this advisory for cs4 and yes adobe doesn't have a good track record about updating photoshop elements and that is kinda bothersome.
    http://www.adobe.com/support/security/bulletins/apsb10-13.html
    MTSTUNER

  • Oracle 8 security risks

    ISS Security Advisory
    May 6, 1999
    Multiple File System Vulnerabilities in Oracle 8
    Synopsis:
    Internet Security Systems (ISS) X-Force has discovered that
    multiple vulnerabilities exist in Oracle 8 that may allow local
    attackers to exploit weaknesses in Oracle administrative tools.
    Oracle is the market leader in enterprise database solutions.
    Attackers may use these vulnerabilities to amplify their
    privilege to that of the 'oracle' user. By default, the oracle
    user controls the entire Oracle database system. Attackers may
    launch local denial of service attacks against the database as
    well as alter or manipulate data.
    Affected Versions:
    ISS X-Force has determined that most current versions of Oracle
    8 for Unix are vulnerable. These versions include 8.03, 8.04,
    8.05, and 8.15. Oracle 8 for Windows NT is not affected by
    these vulnerabilities.
    Description:
    The Oracle 8 distribution is shipped with many administrative
    utilities that are owned by the oracle user with the setuid bit
    enabled. Several of these utilities implement insecure file
    creation and manipulation. These utilities also trust Oracle-
    related environment variables. The combined effect of these
    vulnerabilities may allow local attackers to create, append to,
    or overwrite privileged oracle files. Certain vulnerabilities
    exist that may allow local attackers to execute arbitrary
    commands as the oracle user. Attackers may also be able to
    permanently elevate their privilege to that of the oracle user.
    Temporary files that follow symbolic links are a common source
    of vulnerabilities in setuid executables. Administrators should
    remove or restrict access to setuid executables if possible.
    Developers of setuid programs need to take special precautions
    to prevent the introduction of vulnerabilities of this nature.
    ISS X-Force recommends that all Unix developers become familiar
    with Matt Bishop's secure programming guide, available at
    http://olympus.cs.ucdavis.edu/~bishop/secprog.html
    Fix Information:
    ISS X-Force has worked with Oracle to provide a patch for the
    vulnerabilities described in this advisory. Oracle has provided
    the following FAQ to answer any questions concerning these
    vulnerabilities.
    Q: I've heard about a setuid security issue with the Oracle
    database? What is this all about?
    A: On Unix platforms, some executable files have the setuid bit
    on. It may be possible for a very knowledgeable user to use
    these executables to bypass your system security by elevating
    their operating system privileges to that of the Oracle user.
    Q: Which releases are affected by this problem?
    A: This problem affects Oracle data server releases 8.03, 8.0.4,
    8.0.5, and 8.1.5 on Unix platforms only.
    Q: Can I correct this problem or do I need a patch?
    A: This problem can easily be corrected. The customer can
    download the patch from the Oracle MetaLink webpages at
    http://www.oracle.com/support/elec_sup. The patch is a Unix
    shell script. This shell script should be run immediately, and
    also run after each relink of Oracle.
    Q: What is Oracle doing to fix this problem?
    A: Effective immediately, Oracle will provide the patch on
    Oracle's Worldwide Support Web pages. Oracle will ensure the
    patches are incorporated into future releases of Oracle8i
    (8.1.6) and Oracle8.0 (8.0.6)
    Q: What is Oracle doing to notify users about this problem now?
    A: Oracle is notifying all supported customers, via the Oracle
    Worldwide Support Web pages, of this issue so they can address
    it as required.
    ISS X-Force also recommends that all administrators complete a
    proactive survey on the use or potential misuse of setuid bits
    on privileged executables on their systems.
    Credits:
    These vulnerabilities were primarily researched by Dan
    Ingevaldson of the ISS X-Force.
    Copyright (c) 1999 by Internet Security Systems, Inc. Permission
    is hereby granted for the electronic redistribution of this
    Security Alert. It is not to be edited in any way without
    express consent of the X-Force. If you wish to reprint the
    whole or any part of this Alert Summary in any other medium
    excluding electronic medium, please e-mail [email protected] for
    permission.
    About ISS
    ISS is the pioneer and leading provider of adaptive network
    security software delivering enterprise-wide information
    protection solutions. ISS' award-winning SAFEsuite family of
    products enables information risk management within intranet,
    extranet and electronic commerce environments. By combining
    proactive vulnerability detection with real-time intrusion
    detection and response, ISS' adaptive security approach creates
    a flexible cycle of continuous security improvement, including
    security policy implementation and enforcement. ISS SAFEsuite
    solutions strengthen the security of existing systems and have
    dramatically improved the security posture for organizations
    worldwide, making ISS a trusted security advisor for firms in
    the Global 2000, 21 of the 25 largest U.S. commercial banks and
    over 35 governmental agencies. For more information, call ISS at
    678-443-6000 or 800-776-2362 or visit the ISS Web site at
    www.iss.net.
    Disclaimer
    The information within this paper may change without notice. Use
    of this information constitutes acceptance for use in an AS IS
    condition. There are NO warranties with regard to this
    information. In no event shall the author be liable for any
    damages whatsoever arising out of or in connection with the use
    or spread of this information. Any use of this information is at
    the user's own risk.
    X-Force PGP Key available at:
    http://www.iss.net/xforce/sensitive.html as well as on MIT's PGP
    key server and PGP.com's key server.
    Please send suggestions, updates, and comments to:
    X-Force <[email protected]> of Internet
    Security Systems, Inc.
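
The survey of setuid executables that the advisory recommends can be scripted. The following is an added example, not part of the ISS advisory or of Oracle's patch script; the function names, the report format, and the account name and path in the usage line are assumptions. It relies on standard `find` permission tests.

```shell
#!/bin/sh
# Added example: survey setuid executables owned by one account.
# Assumptions (not from the advisory): the function names, the report
# format, and the 'oracle' account / path shown in the usage line below.

# setuid_survey ROOT OWNER
# Prints one line per setuid regular file under ROOT owned by OWNER:
#   OPEN <path>        setuid and executable by "other": any local user
#                      can run it with OWNER's privileges
#   RESTRICTED <path>  setuid, but "other" has no execute permission
setuid_survey() {
    root=$1
    owner=$2
    if [ ! -d "$root" ]; then
        echo "setuid_survey: $root is not a directory" >&2
        return 2
    fi
    # -xdev stays on one filesystem; -perm -4000 matches the setuid bit;
    # -perm -0001 matches execute-for-other.
    find "$root" -xdev -type f -user "$owner" -perm -4000 -perm -0001 \
        -exec printf 'OPEN %s\n' {} \;
    find "$root" -xdev -type f -user "$owner" -perm -4000 ! -perm -0001 \
        -exec printf 'RESTRICTED %s\n' {} \;
}

# count_open ROOT OWNER
# Prints the number of OPEN entries (0 when there are none).
count_open() {
    setuid_survey "$1" "$2" | awk '/^OPEN /{n++} END{print n+0}'
}

# Usage (hypothetical path and account): sh setuid_survey.sh /u01/app/oracle oracle
if [ "$#" -eq 2 ]; then
    setuid_survey "$1" "$2"
fi
```

OPEN entries are the ones to review first, either by restricting who may execute them (for example `chmod o-x`) or by clearing the setuid bit (`chmod u-s`) where the utility does not need it.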

    http://metalink.oracle.com has all the Oracle documentation online. If you search for Security, you'll get plenty of documents. The Oracle Administrator's Guide has a Security Checklist that is probably a good starting point.
    This is a huge topic, though.
    Justin

  • I can not remember the answer to my security questions  and the email that is on the to send to is not mine

    I can not remember the answer to my security questions  and the email that is on the to send to is not mine

    How to reset your Apple ID security questions.
    Go to appleid.apple.com, click on the blue button that says 'Manage Your Apple ID'.
    Log in with your Apple ID and password. (If you have forgotten your Apple ID password, go to iforgot.apple.com first to reset your password with a password recovery email)
    Go to the Password & Security section on the left side, and click on the link underneath the security questions that says 'Forgot your answers? Send reset security info email to [email]'.  This will generate an automated e-mail that will allow you to reset your security questions.
    If that doesn't work, or  there is no rescue email link available, then click on 'Temporary Support PIN' that is in the bottom left side, and generate a 4-digit PIN for the Apple Account Security Advisor you will be contacting later.
    Next, go to https://getsupport.apple.com
    (If you see a message that says 'There are no products registered to this Apple ID', simply click on 'See all products and services')
    Choose 'More Products & Services', then 'Apple ID'.
    A new page will open.
    Choose 'Other Apple ID Topics', then 'Forgotten Apple ID Security Questions'.
    Click the blue 'Continue' button.
    Select the contact option that suits your needs best.

  • How to get access to all the advisories in mozilla?

    Mozilla Foundation Security Advisories (http://www.mozilla.org/security/announce/),
    when accessed provides information on many of the advisories, but for some it displays an error that you are not authorized to open.
    I tried to open bug #790879 & it showed following error:-
    (https://bugzilla.mozilla.org/show_bug.cgi?id=790879).
    Can anybody please tell me what needs to be done to get complete access of the advisories.

    i myself am no mozilla staff but just a contributing volunteer, so i cannot tell you for sure how it works in practise (the policy document is now nearly a decade old). however according to the document most bugs should get disclosed after an unspecified amount of time after they got fixed and then they are just readable like any other normal bug report at bugzilla.mozilla.org.
    in case you have a legitimate interest in reviewing a certain inaccessible bug-report (& have an account on bugzilla.mozilla.org) you could also try to write an email to the security@XXX mail address & explain the situation - maybe they can/will add you to the list of people who are authorized to view the details.

  • How can I get security updates without dealing with Firefox 4 update reminders?

    I tried Firefox 4 for awhile, hated it and reloaded 3.6. I keep getting reminders to update to 4 which are bothersome. I have disabled reminders, but how can I continue to get security updates without upgrading to 4?

    Install Secunia's free Personal Software Inspector: http://secunia.com/vulnerability_scanning/personal
    You also need to update Flash a.s.a.p. The version you're running right now is a security risk. See http://www.adobe.com/support/security/advisories/apsa11-02.html
    Update via http://get.adobe.com/flashplayer/
    Also, update Firefox to 3.6.17 because there was a security breach at Comodo which is an SSL certificate provider recently whereby a number of fraudulent certificates were inadvertently issued. These allow a hacker to impersonate any site including online banking and the Firefox version you're running at the moment will not warn you that the site is a fake. The fraudulent certificates were blacklisted in v3.6.17 and beyond.
    See http://blogs.comodo.com/it-security/data-security/the-recent-ra-compromise/

  • What are these Security issues in Flash?

    Hey Guys,
    I recently just got an interesting meeting request from my higher ups. They want to discuss security threats with Adobe's Flash player and solutions. These solutions include taking down a site I put together for them over the course of several months. I am not about to see my site get taken down without a fight so I am looking for a summary of what possible threats can come out of the latest version of Flash, how they can infect a user, and how I can stop it.
    I would really hate to see my site get taken down. Don't have too much time before the meeting so please let me know what I can do.

    Hi Marks,
    An update has been posted today for all systems, http://www.adobe.com/support/security/advisories/apsa09-03.html  this will explain the vulnerability that has been doing the rounds for the last few weeks.  They have issued a fix in a new download; the new version number is 10.0.32.18
    Cheers
