DELTA 544856 0 38848 SVNfvgWWrX[x^RMo0 =7VIPhy.DBdɕ,:H=~{‡~4 C4fna[A~lT43CU(S8&)JVA0XϨNxnu'Nt.J]Sog 4QyIW@#(D!OAÑjG,ԸZȓ-ti@R0&Dp6<'H8|7R#rn8Yω{ Tbut?]L1&t:RGH0BȄa ָ54!ONuC ꣞CnͶ/G  )t; m޻vݮjHq#ל}y48{3ڏL0Q٤Ruz(tԟ{+6~!h.-X5ÑBqjG"}G<fS<;x5:wT2/ޖ ݮ&R+j|~. ^e|J*IN@kR6cfecgns of Drupal update CKEditor to 4.14 to mitigate the vulnerabilitiesurl>https://www.drupal.org/sa-core-2020-001 2020-03-18ae2e7871-80f6-11ea-bafd-815569f3852d"> ansible - Vault password leak from temporary file$D#5KxG?tVRD;x^mQю |֯@[3xrmJBƿ?ZOM̑ffBOndIW#VN!Wi4Z \LAXe˒IIQ2)Dqp)+43p;Io7*H+K/YH'teMgd> +9cݛ7]dS<_oZg@8B05t?! ]jB=h뽆G$)]|m:l Ȋ`_x DulREUV5\QvWY~Jgx^_k0şlʜՇ16 ֤kn~%:=79+7us+o*0œp88s%ggHh>Ҝ;q8Eѫ7\n5R؈DV$n5]-BK[ H ]$oT:][M$D3,TPXy'! Yh{}^7 jE%3XJ7[iƜܺ3Z8<*{9;߅sF@emQLv MkDw` [}4NP%9$ڪqza~"tǻBelSCAoN@tSmJx^MRKo@>ï4Dr/U/V} fe,vv+f{ .n !`;EaE>@QDi;XxX,@ LJcӨWJyvm)|ё9_ zyu1QDȦfX:e䧠X{) @3 KV(\5xKK;{/v492(Π"<{3* `h"o,ţ0^|8aN!t9FheR-+2A<={}vոdhE8vuy hEd6&ޮz.FsIyuuS3:1`4]@IvEU_Vkڔ; ,E?E@ڐIgb\TyyVu]TօxI -2 mZ?HJ\x^}r0 EW`i2cQ=i*P$d1I ߗ4ٔQppq<*#(Fܾ XMF:y^xюWy9F!# =ţ%TzDV.o O}vNy,PZA Zi'I=8}@jai',JSh8O)!62-BіŜ8y#IOS..\})[(:+uSx;fp9MD}*nn bG7EbgqwzUM/zCE79 .E.oЦ+\-!>udնmͺ:۶*]\E&i#Όd0J,Ƶa^5EJ0F[&,M>F;L5JWx^QK0ݯ8n# LA gmhcm(|\;@NVxe4|cP7xКZt䜨,omĒt,!G<Dѕ{ΫBHQR45Uc2 }+*ou`kQg'*#CBJ(e2G٭tn.yriȄǓit&fr3Ǚ\6˯*JҰYgȒzQJw4㆝iVLgp89{1ޘƃgCg͋l~W,f7 l+6mt|Ӧqא9~Z>> /ult$36` ɮC-n3%.]#xC<dG.z:bO/w.4-rݨ(4"QRNg VT5S5*٥~+-)X )^ݱ:c̳YQꥏMϹ2\AK6DI SD>L/p"`Q˸YY<JHJx^}Rao0>Dh$4i>\R 7l]=vҮ!|{~ś5,7/w-nǷvYOx/@EP(AZ,V lFHg zGt,^NgeS?ѵq8aOGosGnz(Nw^%y^ZCblء|TJpyjo2X]@Zk *Vݾ;P5 Jtc۞SA1L JَcjjCY khY24guF^鸧|sͦoOA ((z [Ʀ-"(HtKJ`' 4Q*PU ([IJI^//o;j4?P͒*U8pqa-4 *6 :ʤ }>)XIjvndUTVd8i]&#a4H%6؟Dt,@ MpTy5 ʒvل>u &0`i&j>k +?} XW5@3`]nO4C9O,<u`$|~%Rko^Հ%E{x nPv,x- L~>OrGKu9nbgׁKK;C]hr.;|YhH~lAxq,g]pv]TȗvOP瑒!JHxsyB"nw d(E r6J6x^An ~?$r'xcG`Vzw P`6tzƾZ3;Lw"0o%0̑ BCAh( Y:KBgI,w^`g hQGhj?C1?ALjI;ˠlLi e3X=ܣG-7.̯\ պʼ' ˀHmW:rJ_x^Mo0 WDڕ6h)!0iHېv7Q3ҤrS:*ُױ>n^ZNcq%95Cӭ)ՙ%Rb]3gYxtW٣1v"1gHbȞvJ0FX¢ ɐbϩ[IR] U\mH%w( 5} ?ґ˪y&b" W뛪B}RJ o9Ֆ{ϝ(IyD~PcdÚ_ xՒ忰$M°4lYm> !X: O/wpnѠ!9 V>S0#J@e6nJ^x^ő_O0şSlYIĠ|bJw5tv(˜ݧ6'n1B֔;D\kTRdƒޛ-u _ۤs$!@jt`Q!wxT|ƢyVnJ&1 -<˼Ĵ7&a:ss@)~J_OX)MP`2מdRs-$Wl[X \EOYX~S-`*k@EԼ/;M'$/,fhQ trJ'NS&8}LX 00'%v>>MJsx^R]o }n~1gO[I}:MZ1\'(;$kRK~p`f0qɳBQՠ\)%<8nWьenG7k*,@E?QʪR ;sy3jYg;9{1*1j9€2` 5p6d)ZDۂ(Q^A𒺤$_Y1$2yDw %~Ci125ǿS =첃r:=6ύݓheNCg"v!C$%y"]~}tש'P޹ Vl} i˻o8bfqrvu5By4kR9, -X$__5 htt^<+y+e^J *GɄ _A󭮝&^V%?=xΝU<;/jYak6nozNN4i;fyeq?#'ٱe?Nx2PF,[d%/؋G ! ҽp3W+j ]J7Go ЃǦeN?rIJvx^Mn0 r=GPt] X dvȒ'nm'h!_}ٟjoTXJ}N'KSm< 餛6 z(Ƀ>ZlPSIhFDŊUsxZYU1259)hx&O | owkC-]о^)"j4:X!`ʪjtNո{r|!==a69Q+:"9ר2Eˆj+Ec-E:1*DQ^nȳ|){^._K1fn_kM4[oVjm6lU}уQ5+,_YJ0Yۀ1xrޤUO6J_TņN` .hDWlG_c<7)>J y6>DLVq^DfğTs%X$cEEHJ~zDU/,?x^mQr =7_As_&/"X@mMe(ܖ/!~Oi=jۢޭm;SsuB,!f: :g.RA'NV +q j[13 `,N_X%E`Zt"#WOIs\Gin:IHSpA0uT8l {AۉV}|v6 Qu 6J6x^eAo0+RwB@#8̀cx.Df޼yBD{@l$H>rK.cfi(a$64Sle#ю'!nTѳuoHj $ͯ{z̿9P8h!&\ݼ]=?}zq}V2}ϡ.Ofwc4 а=c.aށf,vwxt4@/UT$q^@X|\E+vfL%3q4b&|t9ǀ@P z[v5QDߤD7M辠wRN;Mf~䅋jJ$b1os^q'40@^ꠣz Ѿ@Pj=VKzVhVBZtے^`+M%$!U0Z9gv坐4I-uI 6J6x^mOk1ҧNCi@]bpKK FyZI[wv]a/{M&#Z$ WvG/l݃Ia pЩ1=w*>PW.=g0f@K@Nօ O=Xѻ=$kPRLƭ0-W6/ߡIhj6/uy]>Q24\rݠ5TYc=nJ̆9{v+]R.'l-, |eaDy%ˈ0&o2MNۘRS4AԿI"z“kB>ѣVSB*:"ͶFyW󒋳P(sЩC;FR yhF^v)Xނȓ&OAZNIrDž?=_2Ub =l0KW>8 w3B+RJ%BaBՏ:4pLwhp^25hwVKT/(r95\u?RKE6v@]?]e`~J~x^Mn @Wr'84vnО0vF%N'F`XVWi\1ԂNƩEE9lDcGpܑu +n  fo?( PN;pE/[2/,W:a]??u}]^P4tUuGCJZ0(5DҷiLQ9sժ\#63in2ICnk~M ۲T}0lr-8/WZF 9<_nfyWp"0NW;VR7Ur\rWb@ J` T ^~}+*Hu-~2"hwWʕ(U dLrZIԝҦSf(92רƢ$]#RnJN>'@J?kJ x^QQK0~~E{zMN+1 "*iaYZM9a;ϣnyM'ax & ,B@rW!['KT\lW6)Ao֔լ>izu$h弃9hHbԞP py27-django19 py323 py27-django-devel py325/nov/24/security-releases-issued/">

Malicious redirect and possible XSS attack via user-supplied redirect URLs containing basic auth

User enumeration through timing difference on password hasher work factor upgradecvename>CVE-2016-^^zgD}J\ https://www.phpmyadmin.net/security/PMASA-2016-8/ CVE-2016-20447694927f-c60b-11e5-bf36-6805ca0b3d42"> phpmyadmin -- XSS vulnerability in normalization page7/">

With a crafted table name it is possible to trigger an XSS attack in the database normalization page.

We consider this vulnerability to be non-critical.

This vulnerability can be triggered only by someone who is logged in to phpMyAdmin, a"g!AZXigj2e http://seclists.org/oss-sec/2015/q4/543 CVE-2009-0689 2015-12-19 2015-12-31

644).

Q{^rC~/J0x^MAo0 Dq\K /[ b+v\ T,DN?ʎDR|#sW hlTYw_VEUomħ߷[Bn^伖ѭGhG0;cP]@[!"^==+Jsǽ$P[1`:yjCMmE]"*7_>r$p F5e} FٸN+Oր$>%ȁQRPXp#eNexaңe$iF㼗)/A[1ZM=#EGRa}iN`ITp4M=q.ű€ /0dK5G|k `߉`.vF1bn'8V@Jx^0ENФ_ HxH -`,iex3ݕaYY -0ET*`_ICx*ӓ% < T(rf,UWoĮ*X1F~mrW_iɷ3C?R(?~軚* %NSo5N@\JGx^UQn0 =_Aرt؊ue:&H$'m-ƓN "__ {Qhnw#ޏI[LM0BK{ZhNZf}Zptˎ>́|Ss/`.=[) ߲,Pi׎R1b{D; s]h©w*.G5WfC)Uy^T7y-tK~`S&(=ZguaK9騳e|®#> hNX9iΖLV:L[Z,A2ns!x;y=,a'Q/qG9?}m&N@BJhx^mMs0ͯXµl-a7#lk$#NiwjG  Qr'_j t%-7wMˣ&EGt0/Hp<9~\1j3),+ՠcv4NVlneڼV* ok1DVno{H4 Lvں?4-hr`:  h [uMEY4O2tFo )!aJWp נFЛ^Έ+2칼dommGG"I (;kxhPڨ$*kwZ%/+o|+M(D3nD;W])+!,M2RvSφw,N3>UWE3~j/B"QRi% nX /{q]r=` <:pyBY)]l$i1NR^=JXx^N0EWXe ?[G-2T!OCNp=N!R%[sGs4+w2MQ<t~ƂqLQT`S5sͶ&o?m-̹~*bu6e%;IR>tȍuZ-}ؓ/r>0e2tPEۦ0+ y4K|3cA%lc/E %0˕U×v rSZTnl嶀]M(I@nU?8Q}0,V `O +SSҗ>4ΧG@~/@q(.p'7Deuw8y4Ab;+^hyQGx^U10 Wscp@↛r@LDdQi__ʊԀ&{(0+< T>y>a*p / N 0u!209KtBިLK?؀r52!֞j69C~yI 9&*xƤ\BW&m(u@8uK0])\(K#-L!IzjBO.4+8; |4T_5U# oRH*?9 no=HJvwu}uZ-[eףe 3PVHhs!y Nd*_k knhk&abnR W)[_J}aSVFڼȀ u|?t3QJFx^n0 S=OA2hb)+-ӉPG$A޾4z$OQlW 铃C.|t: @j:ӟ*g+|0$ԑ'(\*-k3ɟšUI^ݙ+.Pǡ7]sn+Vk!XQk\Ҋm;֛Aa٬ZQ_X:jwp 0duL$uPP訅 "H>f0vxݡz}ZBN|Bz4LGˢ https://www.varnish-cache.org/lists/pipermail/varnish-announce/2013-October/000686.html 2013-10-30 2014-01-25 TWωK-d&Q\Z6F82FsBNvjVK8(bl! CddͲ-RAr>xymdƢsࠒD1慏aw!V yn0I\阓ќ?#n~I 6J6x^SMo1=ïBR5.CUT> NgM*hO7o8 1a#H{,P8X1>u$K7SLTTeZRoG liL:A5S75Nc:.0e!힀wap;. \aH(f{`P;]fj*"B#+wsw?'dZN^k/QC}Ťɗv98+eБr#5fE0")2,J`-stf{Ϫ?!8n j6J6x^mRKn1 ] i  (hZ '%,M%ʎo'mcO.DDL{?ɦ:4Mܪ!P9Cȥh*FH7jF BiiUYv\LӾO c4?KD/ALs?AXƜv:7U'N_{8uэc_pE^8C3q$zƔދ]S*vۿؽB"c{)2mv #~W)Lǵv#y|KsjVBkD|:91)%l%Fڑ|B71 ɫGv 5ױGK\m.Vj&Ea5GVwNT'^^;Ʈؗrqh \LvSFRX;`j 7x@VO^)jtF@k/Ȧ Cpn6&ՖBʾH&,s#XGrYZSRNJhx^SM0 =ï F3尠HZ H8gjMT3ejvKy~. K3%psXsm_{~L,1T"0S:vE\TleW)uFQ`'n u wX6)0ؕbzVVKLa .@K3Ac"we]@R,)E(dN@mwsc;feZ4x^mN ݧ ^BZgE)40]5F.&gNNaxt~wEc'p59I h0{r 5vR~ׁ)3Ibgp$OX<=Ժ.J:9[ I bGjI `TSw畘d)AI#*4 6J6x^USMo0 =9Vd9lEwZKnP(2Ee~]qG/~Bý@чP<7Cs_GQ 7`> a5Ya Z;I޺67zgV,;Ejɲ~nap0 ù# ~>AB'l %^Y_c2Y͹<λW'wPI}u~X׫On@R ˖C2ݦ05WTGqd藂;1"o:[=;1aQG( 8QҜC@[2ӝ|#f$c0ĕ~U16wcҒln:񙴳<7ת kvF8UWE8u,^lcϖ^wωfh(d1B\ :;8k;Kj>b{`2 9?% CÂv@M@`Jsx^R=S0ɯI``+n V׉Y2?)6p+tx ez]K< UI pm=w(?;t; ӨvN[*#ɫ -jTN:AV,ۯɂkObJgx^RM0=_1 $cmVH VWǙ4Ǔk7{ g{3y{snalxc2{EպZ*[X@"8使 d)8"q$ ÿЀzJłzu"̲$MX`ip;^N"x>Wh %Q;p5&lh \`={ZJLqt,7?s} tBQײ]% _)yQp#JdS%F<-R%#Ѳ|ےHň4 MwQnw/ [2ciyꏦf$A, j?%p&8Uui%]p~Ϙ(9s,Zèt a3jny-m].5m:Jtm1"<^x7GKJwvJvx^]R]o0|N*Ɛ/EJ}9%خ[dcdhQfwJL]w Lj#bLQOն6 h&dl l(R@ܶ nQXNX>x^hC BOɸ RHj%8T$ U6|v~:ka0,Vvjz.X$@ B^,:;&Ѧ%9ΘPE@H0 v&x9z,zt})<1/JDo1P"2#Ȍ}3|{K2R6iDTmS%Jed,gQ'[*_z\ 5g.wJ1[\Na[*ԠO*QNA^:yS=#.zG`)皓·ΈmtH(I '׺2z\w`{lfpY}Ӊcqbl+{CJ19̑p4僩M`]n]n]n}Z8d8fB6ziY|fL@>qazJs. SA-08:09.icmp67dbb7197-7b68-11dd-80ba-000bcdf0a03b"> FreeBSD -- nmount(2) local arbitrary code execuVarious user defined input such as mount points, devices, and mount options are prepared and passed as arguments to nmount(2) into the kernel. Under certain error conditions, user defined data will be copied into a stack allocated buffer 10fT@J}O1uem[\5sJ/ 2008-02-20 2008-02-22810a5197-e0d9-11dc-891a-02061b08fc24"> mozillafirefox 2.0.0.12name>linux-firefox-devel 2.0.0.1289gt>0~}u \?l3%d-C`9x^,bYNwqU}k+cF"Q ͗F}+fRKԫżRrL-rļYޢ+u %~#]6JYx^UK0 )lb1Ip dʒ!$jEǟPzKZ|>߿F&@=Y%s$eCP9.o?ޖ0 . LOVc䂄jYU_skw]AL';Prw]︯YNtVs_Bd(.{1<(Z"{̕sq2ǭᗱ :,d=zTWhC4/JtVk 1.H\;c'J} M' |ژ5E(B3㦗4+sq¬I=Py>{@:7c&KzΒTjD/;p;]m/E1MxkP<],eyfMTƨ- KC>٤Zπ(U?ckU7.OhU"ق^ڦ <0`э8VeU΢[Uwjߨ|]$~fhyڿYd! x;J=SRv5v@#'Sx^URˎ0<|E+wc`a#Kr)nنo Q6>Ur*U6 Soggv@)2[G;xHφ^nok0G x!KE=+dfZEs5Yz:&Pr21‡AnJey&x?*9a;J/p/bE|R~:6mu-g%^n)M GfSUS6wJ):ӣ^o_(NUg[n9'qDUNId@٘+^kxcK~b.063 4D{^총c~w.{韷 3%9Ԗή_{ŀn^9rO{Jx^uMO0 R!C/-}lOȀc[nB"R3G+[nMu9Mg]ݶWWW?w(ύv3Dqu 䕓'H(83dVlrx L6Mt7'@ewUۮz~"6NZ[Cx]0mJ-*]3 lq_pbہ}% J(*XdzQOCI].Do44)lѳ[\H<ԁRڤ!U-Trr$Oim8( .BGZ&O3B =4"6d^Grgf>ud쭪9)|0PQ=-`$ױ4ˠ k<[&MuJ{x^]Rj0}nb:l)EkX TJsK[,II~eCΌΜ۳<{4)dM셥)P̘\9^=8F>Vaݕk1&_(rK䲉c j?{Q(Z2gCZ`rRLT5i+,2:4 Z%ᐡ Q /5C{j}VJ%%ث[*իOly˖M],eP\ Zw0(ۏ_)ŀtZ0AzZpz[|_v̴(`D㤿&2&NjR<>e8z LK۟W kN,G_2oR r+m -6J6x^eS]o0}fjO -uC!& $&xSuTȓ}|ιcY=@=4:rΑLt"hJ=&]`#SHFZGǸ ~n$8kgDkYNfN _o`f&b{s0WMQѸ,~À21=W8)Lx8 D}8g}A1SIs'f܃S$9(^OdCN; Qpz#k>Ąr_IL< ϑU-c-ZȚ 1N fi&$3[aOϧ,7ź-k m R> aM>\+vq/3XGk e>M&R;XlEVP(.VS39UeQsQgtK50#{цTl3 .ZB0Z\c>וBm}PT|-ڍeYm;)ku`dEكƚtʿFޅ*ټX4b,bblT?#^:uJx^uQMo0 =y!@h%i^wqJT( sE/_}GۖkSp -=#_‴3[q✥q٥I1I>+1$rvYU&s2{+~uyX iD}PEv9hQ >B)s0Å (hZO#J N2,Fx=ƿvD!͓-|Xrڛb5ŀlݎ Uo8ksZit/9vpѾJ{9 VKZ make sure Javascript eval and Script objects are run with the privileges of the context that created them, not the potentially elevated privilege of the context calling them in order to protect against an additional variant of MFSA 2005-41.

The Mozilla Foundation Security Advisory MFSA 2005-41 url>http://www.mozilla.org/security/announce/mfsa2005-44;B6N@pJ&x^M0۰n"rwIc1lV*`c@[-t ?GG>})\u _=E#~Xt1!s+EG!31f'LU'g2#t2@=6 aE/kmt@[x`cP#3'8J>Cr!D3}ȸ|/,3j{`Zm0YcJ\ 4Ea<) !er_팧ڶ2jb2ͦBGM)%43$+xf08D^qՉ&L݋;g9C"6U=Y0SZyOb.ww8_ }j+ޛ5Tjy#N9Uf)Jx=-1N:w> Jqx^R1n0}X\|6lpHp)rubLqr{RޑdJΐQ ùIvEͭ|$c{&CN()gF1Hq::nr+8Ysm27]q3I6EwUU췫du]uETRx5bAq[|=;D g-˟1$@kMX&xR̃U8bb[;GǑA[< aLbT,IP</Sly#'?6¤X2bl#HΠCf&|,uZ9h@O gyWh ?2JI&hbx^UPIr <ǯP$yQ$a# ^P`Uq}l ;0]>@ =0qpEH)G|PFTkyXg&i]U-ٗl6<t('X gs˃( ^}s8} ʭJmC}چ- Կ~LQ ¥1iQc9}% &w_Q *Ì)AowR{Df(-:#Bh(TBrk%V@I(PXʸ92|cޮR ҳЭ^-\e영.%~}ԚHw?S~Jlx^}RMo0 =ȩ69ɺ):53mѶ:[2b V[&]O{ݧwEWգ7ꇮc<00c$nVϘwk@'3p-ˁ%6#%e4DLysrGma6q]5Z'2PL~v,N{HPrx^eRn@>O1ʥ ƱcWK*JNzmvQ.~I_`rh4|+^$m58UeBO.8Y<W >ݢr.l!:$$MH=˛˼%-=8oj)1,le7c$KECO)_dœ+a3t#}H_[K+kz $Td@O<5: ł5{&,@5YQT\E%K?zi:BK+xYDc<`pB7[SJ8Džݠ}؋lmޢ+E@