Hiyas,
pam_mount just released an update that fixes a security vulnerability:
https://sourceforge.net/project/shownotes.php?release_id=624240
are there some special procedures to get security updates out currently or do
the users have to wait until the transisition to the new signing key is
completed?
Regards,
Till
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240397
Summary: CVE-2007-2721: jasper DoS, heap corruption
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: medium
Priority: medium
Component: jasper
AssignedTo: rdieter(a)math.unl.edu
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-security-list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2721
"The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000
library (libjasper) before 1.900 allows remote user-assisted attackers to cause
a denial of service (crash) and possibly corrupt the heap via malformed image
files, as originally demonstrated using imagemagick convert."
Appears to affect 1.900.1 too.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
RUXCON 2008 FINAL CALL FOR PAPERS
Ruxcon would like to announce the final call for papers for the fifth annual
Ruxcon conference.
This year the conference will take place over the weekend of
29th to the 30th of November.
As with previous years, Ruxcon will be held at the University of
Technology, Sydney, Australia.
The deadline for submissions is the 15th of November.
* What is Ruxcon?
Ruxcon strives to be Australia's most technical and interesting
computer security conference. We're back for the fifth year
and intend on bringing you another high quality conference.
The conference is held over two days in a relaxed atmosphere,
allowing attendees to enjoy themselves whilst expanding their
knowledge of security.
Live presentations and activities will cover a full range of
defensive and offensive security topics, varying from unpublished
research to required reading for the public security community.
For more information, please visit http://www.ruxcon.org.au
* Presentation Information
Presentations are set to run for 50 minutes, and will be of a formal
nature, with slides and a speech.
* Presentation Submissions
Ruxcon would like to invite people who are interested in security to
submit a presentation.
Topics of interest include, but are not limited to:
o Code analysis
o Exploitation techniques
o Network scanning and analysis
o Cryptography
o Malware Analysis
o Reverse engineering
o Forensics and Anti-forensics
o Social engineering
o Web application security
o Database security
o Legal aspects of computer security and surrounding issues
o Law enforcement activities
o Telecommunications security (mobile, GSM, VOIP, etc.)
Submissions should thoroughly outline your desired presentation
subject. Accompanying your submission should be the slides
you intend to use or a detailed paper explaining your subject.
If you have any enquiries about submissions, or would like to make a
submission, please send an e-mail to presentations @ ruxcon dot org
dot au
The deadline for submissions is the 15th of November.
If approved we will additionally require:
i. A brief personal biography (between 2-5 paragraphs in
length), including: skill set, experience, and credentials.
ii. A description on your presentation or workshop (between 2-5
paragraphs in length).
* Contact Details
Presentation Submissions: presentations @ ruxcon dot org dot au
General Enquiries: staff @ ruxcon dot org dot au