|
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
|
|
|
Source: Network World - Posted by Anthony Pell
|
|
Google plans to remove online certificate revocation checks from future versions of Chrome, because it considers the process inefficient and slow. Browsers currently check if a website's SSL certificate has been revoked by its issuing Certificate Authority (CA) when trying to establish an HTTPS connection. |
|
|
Source: CSO Online - Posted by Dave Wreski
|
|
From the start, Google's Safe Browsing API was designed to spot malicious web pages so users wouldn't get trapped in them. Google identifies these sites through its own algorithms and user notification.
|
|
|
Source: H Security - Posted by Anthony Pell
|
|
The PHP developers are working to fix a critical security vulnerability in PHP that they introduced with a recent security patch. The current stable release is affected; however, it is not yet clear whether the questionable patch was also applied to older versions. |
|
|
Source: Infosecurity US - Posted by Anthony Pell
|
|
Mozilla has released the latest version of its browser, Firefox 10, with fixes for nine security flaws, including five critical vulnerabilities.
|
|
|
Source: H Security - Posted by Dave Wreski
|
|
Following the release of new versions of its open source Firefox web browser, Thunderbird email client and SeaMonkey suite, Mozilla has detailed the security fixes included in each of the updates. According to the project's Security Center page for Firefox, version 10.0 closes a total of 8 security holes in the browser, 5 of which are rated as "Critical" by Mozilla. |
|
|
Source: H Security - Posted by Dave Wreski
|
|
Google has released version 16.0.912.77 of Chrome which closes several security holes in the WebKit-based web browser. The update addresses a total of four vulnerabilities, all of which are rated as "high severity". |
|
|
Source: H Security - Posted by Dave Wreski
|
|
The developers of the Apache Struts 2 Java web framework have released version 2.3.1.2. This closes a critical hole in versions of Struts from 2.0.0 to 2.3.1.1 that allowed for remote command execution. The vulnerability makes it possible for the protection around OGNL, an expression language used for getting and setting properties of Java objects, to be bypassed and arbitrary expressions be evaluated. |
|
|
Source: H Security - Posted by Dave Wreski
|
|
The Apache Tomcat developers are advising users of the 7.0.x, 6.0.x and 5.5.x branches of the Java servlet and JSP container to update to the latest released versions 7.0.23, 6.0.35 and 5.5.35. Recent investigations revealed inefficiencies in how large numbers of parameters and parameter values were handled by Tomcat. |
|
|
Source: PC World - Posted by Dave Wreski
|
|
The National Security Agency (NSA) has released SE Android, a security-enhanced version of Android, which provides and enforces stricter access-control policies than those found in the popular mobile operating system by default. |
|
|
Source: ZDNet Blogs - Posted by Dave Wreski
|
|
A new draft of Microsoft’s Windows 8 hardware certification specs confirms what we already knew: the new Secure Boot feature won’t lock out Linux on hundreds of millions of new PCs. But Linux backers are demanding the right to hack a new class of devices that doesn’t yet exist. |
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 1 - 10 of 1161 |
