[ANNOUNCEMENT] Apache HTTP Server 2.4.1 Released

Apache HTTP Server 2.4.1 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the GA release of version 2.4.1 of the Apache HTTP Server. This version of Apache HTTP Server is the first GA release of the new 2.4.x branch. Apache HTTP Server 2.4 provides a number of improvements and enhancements over the 2.2 …

CVE-2012-0206 (authoritative_server)

common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.

CVE-2011-3025 (chrome)

Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

SA-CORE-2012-001 – Drupal core multiple vulnerabilities

Advisory ID: DRUPAL-SA-CORE-2012-001 Project: Drupal core Version: 6.x, 7.x Date: 2012-February-01 Security risk: Moderately critical Exploitable from: Remote Vulnerability: Access bypass, Cross Site Request Forgery, Multiple vulnerabilities Description Cross Site Request Forgery vulnerability in Aggregator module CVE: CVE-2012-0826 An XSRF vulnerability can force an aggregator feed to update. Since some services are rate-limited (e.g. Twitter limits requests to 150 per …