Bugtraq: [SECURITY] [DSA 4052-1] bzr security update
http://ift.tt/2zGlo3R
Security News
via SecurityFocus Vulnerabilities http://ift.tt/Y0pFEv
November 30, 2017 at 09:14PM
Bugtraq: [SECURITY] [DSA 4052-1] bzr security update
http://ift.tt/2zGlo3R
Security News
via SecurityFocus Vulnerabilities http://ift.tt/Y0pFEv
November 30, 2017 at 09:14PM
Bugtraq: [SECURITY] [DSA 4051-1] curl security update
http://ift.tt/2nn3Msq
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
– ————————————————————————
–
Debian Security Advisory DSA-4051-1 security (at) debian (dot) org [email concealed]
http://ift.tt/1kZ5swi Yves-Alexis Perez
November 29, 2017 http://ift.tt/1S3Txy1
– ————————————————————————
–
Package : curl
CVE ID : CVE-2017-8816 CVE-2017-8817
Two vulnerabilities were discovered in cURL, an URL transfer library.
CVE-2017-8816
Alex Nichols discovered a buffer overrun flaw in the NTLM authentication
code which can be triggered on 32bit systems where an integer overflow
might occur when calculating the size of a memory allocation.
CVE-2017-8817
Fuzzing by the OSS-Fuzz project led to the discovery of a read out of
bounds flaw in the FTP wildcard function in libcurl. A malicious server
could redirect a libcurl-based client to an URL using a wildcard pattern,
triggering the out-of-bound read.
For the oldstable distribution (jessie), these problems have been fixed
in version 7.38.0-4+deb8u8.
For the stable distribution (stretch), these problems have been fixed in
version 7.52.1-5+deb9u3.
We recommend that you upgrade your curl packages.
For the detailed security status of curl please refer to
its security tracker page at:
http://ift.tt/2BAhHhM
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://ift.tt/1kZ5swi
Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]
—–BEGIN PGP SIGNATURE—–
iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAloekh0ACgkQ3rYcyPpX
RFvPYQf+Mm7HZwKKv7g7s6UV0vmD6/EfKJwGeLgBgs2QKdUjqJOXjtKYRBjHNSFt
ye555SeTlD7wLWYXgJmPSAJxacKVTBo9wMW1gM/KOUELmPCrAQTBcvYiupg01oak
L5M69d/Z+w2uzBoH55Jl/jQ9mDgrzsCUuuyRKBmBHlFRZt9VCd5uCbK1+I7bl2HG
uhFJIn7FSq7q+E1HJ8JTzfnOuuzbJjBYsO/DaJCfdYI9Uh0GVcmxwuVwA3ommLif
pycyVvF7MidbtwV9vzcd20jx40nje8rl6Pkfxw6yI3W567Qv+cJCwTuGrgZLQXJQ
uPsZWlarqHnLb3Wd2h7HuIWC8u/SUA==
=DvR1
—–END PGP SIGNATURE—–
Security News
via SecurityFocus Vulnerabilities http://ift.tt/Y0pFEv
November 30, 2017 at 09:14PM
Apple’s rocky week with passwords in High Sierra [VIDEO]
http://ift.tt/2AiaZP3
Apple experienced a high-pressure bug report this week – a way to bypass the root password, no less!
Then there was a superquick fix, and a problem with the fix, and a fix for the fix…
…so here’s what happened and what we can learn from it:
(Can’t see the video directly above this line? Watch on Facebook instead.)
Note. With most browsers, you don’t need a Facebook account to watch the video, and if you do have an account you don’t need to be logged in. If you can’t hear the sound, try clicking on the speaker icon in the bottom right corner of the video player to unmute.
Security News
via Naked Security http://ift.tt/1pHdTOi
November 30, 2017 at 07:30PM
Car-Cade Build Drives Unthrottled Determination
http://ift.tt/2j551HM
Remember those dashboard-shaped racing games from the ’80s, like Tomy Turnin’ Turbo? [Daniel] has long wanted to bring one of those into the modern age. After finding that someone beat him to it, he went in another direction and built his own mini-cabinet from the ground up, dedicated to Dirt Rally.
The idea was to build the smallest possible computer than can run SteamOS and fit inside of a cabinet printed on a Prusa clone. At first, [Daniel] tried driving a MinnowBoard around. The frame rate was atrocious, so he switched to an ASUS mini-STX board and went from there.
The printed steering wheel and throttle are both analog inputs—each uses a 10kΩ pot connected to a Pimoroni PiCade controller. We love [Daniel]’s lo-tech way of using rubber bands to self-center them. We also love the post-processing he did on the steering wheel to give it that just-right grippy feel (it’s Plasti-Dip rubber paint), because it looks fantastic.
The lovely blue cabinet is an homage to [Daniel]’s Dirt Rally destroyer of choice, the rally blue ’95 Subaru Impreza. He had an arduous print/sand/prime/paint plan all worked out for the prototype, but ultimately printed the parts in different colors to get the look right. [Daniel] went through four different blue filaments alone before he was satisfied.
Motor around the break for a quick walk around the completed cabinet, and park it for the teaser video that scored [Daniel] a swag bag from the Dirt Rally devs through the magic of social media. Now that it’s cold and flu season in the northern hemisphere, maybe you’d prefer to play driving games without touching anything.
Security News
via Hackaday https://hackaday.com
November 30, 2017 at 07:00PM
Internet Of Things (IoT) In Utility Market projected to grow at +20% CAGR: Know about Basic Influencing Factors by …
http://ift.tt/2jzwoJC
IoT is at the center stage of digital transformation. IoT technology can bring exceptional operational efficiency to the utility sector. It can provide more visibility in the challenging operational environment, where the automation process can have a potential role to play. Cost efficiency, reliability, and safety are the desired goals achieved with the IoT application in the utility sector.
Internet Of Things (IoT) In Utility Market estimated to grow at a CAGR of +20% during forecast period
This market research report gives an in-depth idea about the Global Internet Of Things (IoT) In Utility market. It highlights the recent market scenario, growth in the past few years, and opportunities present for manufacturers in the future. In this research for the completion of both primary and secondary details, methods and tools are used. The thorough examination has been done in this report to bring about the share and position of global market. In the report, the complete analysis of the growth revenue is offered.
Get Sample copy of this Report @: http://ift.tt/2i3x61p
Companies Profiled in this report includes, Silver Spring Networks, Inc., Trilliant, Inc., OSI Soft Inc., C3 Energy, Energyworx B.V., Cryptosoft, Tibbo Technology Inc., Amplia Soluciones S.L.
The emergence of cloud platform, declining cost of IoT components, regional government initiatives for smart grid roll-out, necessity of operational efficiency for utilities are some of the factors driving the demand for IoT in utility industry across the globe.
As leading companies take efforts to maintain their dominance in the global Internet Of Things (IoT) In Utility market, the right way to do so is by adopting new technologies and strategies. The report highlights major technological developments and changing trends adopted by key companies over a period of time. Key companies operating in the global Internet Of Things (IoT) In Utility market are profiled by considering factors such as capacity production, products/services, applications, cost, gross, and revenue.
Access Complete Report @: http://ift.tt/2jzsJf2
Reason to Access Internet Of Things (IoT) In Utility Market Research Report:
This research, highlighting the current situation of the Global Internet Of Things (IoT) In Utility market, focuses on answering some of the important questions faced by stakeholders. By providing answers to all of these questions related to the key drivers and dominant companies, the report’s authors also focus on different factors, which would create new growth opportunities in the global market. Prepared by an expert team, the report on the global Internet Of Things (IoT) In Utility market highlights recent developments, key trends, and new project developments in the market. As leading companies take efforts to maintain their dominance in the global market, the right way to do so is by adopting new technologies and strategies.
Get Discount on This Premium Report now @: http://ift.tt/2i3ioYb
Table of Contents
Global Internet Of Things (IoT) In Utility Market Research Report 2017
Chapter 1 Internet Of Things (IoT) In Utility Market Overview
Chapter 2 Global Economic Impact on Industry
Chapter 3 Global Market Competition by Manufacturers
Chapter 4 Global Production, Revenue (Value) by Region
Chapter 5 Global Supply (Production), Consumption, Export, Import by Regions
Chapter 6 Global Production, Revenue (Value), Price Trend by Type
Chapter 7 Global Market Analysis by Application
Chapter 8 Manufacturing Cost Analysis
Chapter 9 Industrial Chain, Sourcing Strategy and Downstream Buyers
Chapter 10 Marketing Strategy Analysis, Distributors/Traders
Chapter 11 Market Effect Factors Analysis
Chapter 12 Global Market Forecast
Source: Press Release
Security News,IoT News
via IoT – Google News http://ift.tt/2h68U1y
November 30, 2017 at 06:57PM
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
– ————————————————————————
–
Debian Security Advisory DSA-4052-1 security (at) debian (dot) org [email concealed]
http://ift.tt/1kZ5swi Salvatore Bonaccorso
November 29, 2017 http://ift.tt/1S3Txy1
– ————————————————————————
–
Package : bzr
CVE ID : CVE-2017-14176
Debian Bug : 874429
Adam Collard discovered that Bazaar, an easy to use distributed version
control system, did not correctly handle maliciously constructed bzr+ssh
URLs, allowing a remote attackers to run an arbitrary shell command.
For the oldstable distribution (jessie), this problem has been fixed
in version 2.6.0+bzr6595-6+deb8u1.
For the stable distribution (stretch), this problem has been fixed in
version 2.7.0+bzr6619-7+deb9u1.
We recommend that you upgrade your bzr packages.
For the detailed security status of bzr please refer to its security
tracker page at:
http://ift.tt/2Bw0Axn
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://ift.tt/1kZ5swi
Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]
—–BEGIN PGP SIGNATURE—–
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlofEEVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Qm8Q/9F/SkaPBSWFg1Ucjcl1icg3ZxqDNTfHdcO3FFOpFoY+rqGvjoDHkbjKb7
KnmNzxhzmc9954/P0JOYdmgYbNfwa7JQDBHFLrUmh9NiOADMrpBaYG85LcTS9g2A
0H/BwATivhxFPHIdN0GYP57eFOaheSQzq0Kb53PEoOfLQUoRKBwioopjQgqd347y
sx6oVzCTtT6Rjma99GEuXD8M4MYNNA8cTPAqZRUP6xc+m1BCzpCdYGemxq5fBVls
M/lf5WOFsS42aHUijtVuCWmnfD1NwcAxBTmWxP1u8piapzrnaEcLvHxy0j9dqPrb
wJC56eBxi6MFpUrIXb8toLU3cmmrKdg7UjIPu2HxFZfyoerddnKS+KvTmCGf3Lgn
AGwiswKZZ8pNsFTDaaQW49Aegas5clZDq94acZ/9K6qefVskUG2D5g1l1VVE4uat
HfaYCXUek4/BHlHdSVYa9bmXLboAHKa9jnfb8qc0xJffmK8aphiDeHb+l40JumNL
Zc3xf7K6VK7puK0eNPnBOiVfKXVDsPYUIioEJSNELGr3hVcCTl7HTxvjGIkvgUKG
3tRXF2iYyjPTCUqwZ+3+ZWpkTa1en4em91aClbMKDGImEzUTYXb7QZfOUTDn9D3m
9BKF0wTqE3hsKPFqa0MTtVQxDugzJDrLZXnKkZn+NSoHNzJuT9M=
=R/5l
—–END PGP SIGNATURE—–
[ reply ]