DELTA 424764 0 24198 SVN1f-v@^{;ݢ/Xp^qTTؙH]U='H&yxDXzE:jx^uN0F*9ӍIV?햼=vPUogE4}JS- 0Nd Of}D0 X<J$`ޞHޚ% C7gdMa;?ҸR/e _ lCqmLĞ+m/&  ¸AUؠ UT".X^%qh^TP+C{wJ"g0i=Dc^ʂT.#,aT(A\ZfL-e ]s5a`Rbvw9x^uQN!}֯nMO&6j,Z]mDppS6Jl{KL>%QYS.@nMT1 yPz =1O\XPT͢^½Tɰj6/axE*SopPOL:wNX^UŊfE UUՉ-9oT<ageM֍^&rm݇#&Nrd 9D)ysSfe'C(qgp \(8w!~jSoK)̙[o<^ rH?<2=Vl}4b鰦J@`}YnM2Michael Furman34-announcement.txt">

The web based administration console does not set the X-Frame-Options header in HTTP responses. This allows the console to be embedded in a frame or iframe which could then be used to cause a user to perform an unintended action in the consoleactivemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt CVE-2016-0734MX?B>cx^QMO0 =_a2}1^& iIa<%A:c6;ɤ RK(HS@)H5ZIM*VU+.}y}N|̗kZB`1n_6QGLʜ CV_q -?d (%qW:QP(pPB7&Lݏ6@=0J.ӀJdvwjUWCy<`&0,'uuAWmJ~-XrLq|:^ q'Ca~R)#8E){h````om˥HB~Be~<u F8/6">

Qemu emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit(tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRAGS_MAX=16) fragments.

A privileged user inside guest could use this flaw to cause memory leakage on the host or crash the Qemu process instance resulting in DoS8701CV~+x^ *>ҽزE˟XhT_UYSkT&̦,'% eE>F b0P(Ls9#*nPfٚq|]^lήY[ÊS&~m_cxPj7ȏy)Pk.ygWx2 x^N0 ),NpXƆ삸q1qw3w s=n71"E(7<~AAMaz~=;7`fuv,7&M~MC4^ 05%.Դk.`߶)uBH0m,B㩍ft3sX5 VmH6=EpGPy(yE% #A[9[b鈤J YW: 'Pde1}Ԭv˻j4Ndz9!p ne*97rᄑQ=XX)6}9|_FaMa:v#Q)g XdF..LފvUvN@`|jJ?mx^n0 ),.%-SpB⒈4=;Mώp6((*MXZQͼ=`0s' @  tLй U@6Ⱥ0YD[k= : )ALm2TD%( En=hۣp06b#^G9M12ĠBBYbg&1)cH6# A4NdMj3ݶG =2ךw!r gqiVv/sl;+{9"^\FY)K?RjT4X5+-qM} V]@o`AE x S9..x^}AO0Wa"vwyqH.J;4x^n0SqCF*N]&pl7qHyƐdI۹:?fO$c+N}x8y\(:˲ ?S'Bep쌡(<^AV8'e(V"hg7;,>!"c)rIy4"@>u$I-[Ov*w1.[FضJi&FڂRm ¸rS}]q[(Q;aʖGCV 9͖ffl?EԎˀ  |Y+T|x^j0EWĪqK!J)th~lM,=; 1tmČt5\{@cl4-y$^8(7=wPG$Fr I:p$-+*V粬$[B k=9ȴ6:x@IΡ$Ay`c^Y#6v6%ٵCO&@'~-I7_ ٿ? XᶋD{nٻ;zXz擕٣Z`5pV`F_L PPVUxr/) 2缼 {,ߎϓ "'+HESu&?(XyQф^ ;L-oS!C$OmtF[@cz{I,x^K ཧ '*jB4B>ƆD%iO_5gL:k=z*!g=) *XNc<8&%87N]3zfo.uUPokZHNE%R5JhRuًk^z3  8yԶ#qsd{~q:;â/I Nx^mN@>ż@_@VFa)vcL6]$=/jݵ]%oo}$/Xʢd:^Mf HJ dnt+ѹ @BxAZƈBF c -:"7HNN'=ZJtUGk1(Gt| .= U;w d{3H4.uM!)IF Kc7#$Ut##q )T޵4%AV ᧲@MB=cJiĬBVW4S@n fFZ{W_E^Iu#x^uj0EWĎe1ƐB4҅bm,=w֐v4Ov5 S\m|[4KYUfiUvJ^~ҁE:C,u9iR}/5+7?&yƊU 4:s"{A@*λvqc PHP5 -- Integer overflow in Calendar modulge>5.4.0

Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a laY5k'^^Z_reeBSD -- BIND remote denial of service4.bind.asc">

A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.2266 SA-13:04.bind https://kb.isc.org/ar`mc@2>x^eQr0 <_ʴk[}N'NnM|@dӖHC)'/3J{$dr@+x^RMK1=_1ޤJI׋PD%MdζU*^H&^>TLy `uhɤ=5_3iH ikD]gn5YTr5J5vqfD9CG% gvEY,\\+?#_http://secunia.com/advisories/49196/ CVE-2012-0283 2012-07-13 2012-07-18 puppetpuppet 2.7.*2.7.18puppet -- multiple vulnerabilities

Arbitrary file read{g@ w>ix^Oo0 SX$F'e\Gڡn'thIO~=+6#YR\3 9&,26dnòm6,Eڙnoe%-2σAyrxmlMX\O+M!QD#cLb%z]_u>8vrĺU˥vrP68pv gsv?G_1eltiple XSS vulnerabilities zabbix-frontend 1.8.10,2Martina Matari reports:

These URLs (hostgroups.php, usergrps.php) are vulnerable to persistent XSS attacks due to improper sanitation of gname variable when creating user and host groups https://support.zabbix.com/browse/ZBX-401512-29 @to(W6y߬" 0iq!oQf _i6p>|YÜ癦kQhh,O9ءG+1J•[ ݄Ԝ˒_8{G/}S"ŎNdIԜ]u4g)M.sRmWW  DtR(w]}prE7hLF!݆h Ձ Lx^MRMo0 =w(0v AwaE&ÊȒ'QG)h=>Ԗ>FY-6F6+4(gM~h,C .O =Rn`R-Tےj9gRY#: c2-)BR3#j"W Q ԓ@>my3t)S&w:++*YzsP#0,U%Ĺ SY;,:ܯ-[6?pդNHսl6e,ڠ/gE3e~Ht[%\'y^qhg-Ȏͦ(nRI&N(%Jl65jGͳ4+2O6 YȎ1( GMy8G}rHx^MPn0 =7_A>Wy^ }$aZ8SRjee\|'lifrjH)]:/fSyZGos~cߑʿ^5*Xl?*R}(^UǾUy^N#u`AlA)X)?݄(֎-5yVeTz%ce5pVB#ZfP׷3Z>Y{YXX^0 6B?`0 Z"t8 ɠ tЮb|9QfK4_oѼS ה f`R wCdJ>K/-=x^5QKO0>ïJaQ g3iGkhɿq ># b1^˿3ϻSI&%2qV{+Fa/&J|L;AnI@ B!{P<7Xcg/p.aT#v"#jUsO*CZefE&mfN_F|@]fgPߞ%g Z QǪA5{*[p<# O6ZK ^)צy:`P`ӑ]N}}ty`y0[4Jr h!Pg`U0n噜G5iEA3*)@~ -\RHUKrNޏd|Gq( c+}"WjS FZ/ٸWtbe)(֊A݇56 .f=U_O$O^koH&B:A 1ڸzhѕ&$u~,ҋc&lͶ(5˴Aa~W2%,4=OU5ӯ@eFiA5'e -D':=0/OӬ9jfm |[/v@\ x^mAs0ɯ'&d(3y- i}WV3$'88V0T/f8V~? F@c4( 6ƻ/) 0",Q7`иBpԃL(_8hi^ƳU{"L٠]2rz=NIue&? \$IA>PDLg :vT\Ep2iCk3oȀJW@v?s @x^Rn0<'_a'G1bld}qD=֧xgf ZT9瑳['l"ڍTu TԼXЛ«eE\)˺|'?`d~9K FY|O7S#U &1Ɗ8Hߚ;lfwdtity Alert for more information about how to do thi8854 CVE-2006-3336 http://secunia.com/advisories/20992/ http://twiki.org/cgi-bin/view/Codev/SecurityAlertSecureFileUploads 2006-07-05 2006-07-10 trac -- reStructuredText breach of privacy and denial of service v9 u  x^]n0 '&;#.4xZD4Qϧ &Lzc1P@GcDz~݀FDri:,ݣ(18nEQo:I,1 h$#" y2쩣vS:uIUӳWZ(Lռe% ֝v{إrq&$tzxeE/6(- Ϟj!Yj(m@ H6@ٱKXtŐ,2'-sfG/`7c33H~W1ntry> 2005-11-29 p5-Mail-SpamAssassin -- long message header denial of service p5-Mail-SpamAssassin 3.1.07386/">

A vulnerability has been reported in SpamAssassinthe use of an inefficient regular expression in "/SpamAssassin/Message.pm" toiN@J3x^}QɎ0=_Q<Qi.#*v&/i DN/z[YHfAbȈi>} >^@&_ 7Ư)zNkfϴPDj`HJ A-fH9fx&OlTI3X`$> ǎYE$. mK,881n|$E0nO.RcًbN6!2x`ڬ:n&[U(yK]r@K3HjI* sAu]OW;Io|$<&7v@M6x^Qn0 =_qOBB)h;` kB$m߯V۴ädg??˄R=X1{;2  #m^e+*4 z"3G+-ĄZ.YGle-&1 q$y2+2*CpGZ|Tnm+sQl].6[].R5LRѺAwR -e '_ :Tku֫jߪaU:֒ yB<:cUͭq"^ 5Kecf7Hc 2004-06-19 2005-02-27 mozilla -- insecure temporary directoryzQ}G:Bix^]Qr0 ='_lnR:S=ݵhjl(vBҙI~IzN=*ĺz}DQUyx} rP0zFǤ,c0_0֯x`j[3#Lx'݃5`Q`:ށoAO-ko0Ӵ|bcly&Ryz L#hnjS +s-N !Zl18Qӏ&ޚRߙ,2yU#~ZBKQU'{y2[S"XȼZ}ŋUfYYQ*S^3)e!Kh^^He`(f|sv~$}#:(aS[n5cwtCQ/]VF:v-Rx^]P˒  D &=J0Z?Ow;&2hބ4Y {5 T6,Op] 뼙oL:@֏w(bBzttִBTu aBr^|_ˆJvK'k'xޅؗ(;OnGB=EKs۴g1.sX)Oaye_C7( / 筐5쪼:WchlqnV/x<GnvCnEsbGVpM}nerKTpYBuu}!9>|UA3J( 8AD ?R+pE }`?VA`x^mOo0S̉@v(ęML'8 L-R}=ߛ !fk.ʑ ~&f1`CBx}5^o2:&+/"&.Ѐ􂨅~Qdbae:qr#|_J_ͣ1 sٞ8>'93>c4O#D N26A\юg)jdtsFH 6B 81br~oҳOU|$_or3tymN?ːO*P>_e+}n{=5àj,SyjQ׌w 1%)znR;ewPMN}w7mޔ(\ت-)x fʼ,-.yL|<,5x^}RKo0>wŜ襉n4"UPAŹ3I,v8PXq apRA N豅`5G#8o:srax#h~a i Eт< (\;jw,qQ\PK8