Lawyer Herald |
Google Nexus 6 on Verizon Receives Android 6.0.1 Marshmallow Security Patches
Lawyer Herald SAN FRANCISCO, CA – JULY 24: A Google employee demonstrates playing a video on a phone and transferring it to a television using the new Google Chromecast SDK during a Google special event at Dogpatch Studios on July 24, 2013 in San Francisco, … |
The Xen Project released new versions of its virtual machine hypervisor, but forgot to fully include two security patches that had been previously made available.
The Xen hypervisor is widely used by cloud computing providers and virtual private server hosting companies.
Xen 4.6.1, released Monday, is flagged as a maintenance release, the kind that are put out roughly every four months and are supposed to include all bug and security patches released in the meantime.
“Due to two oversights the fixes for both XSA-155 and XSA-162 have only been partially applied to this release,” the Xen Project noted in a blog post. The same is true for Xen 4.4.4, the maintenance release for the 4.4 branch that was released on Jan. 28, the Project said.
To read this article in full or to leave a comment, please click here
ZDNet |
Android security: Google kills remote hacker bug, patches seven critical flaws
ZDNet This month's fixes were shared with Android partners on January 4 but so far only BlackBerry has issued a patch. Image: Shutterstock. Google has fixed a critical bug in Android that can be remotely exploited by an email, MMS, or link to a webpage that … Google fixes multiple Wi-Fi flaws, mediaserver bugs in Android Critical Wi-Fi Flaw Patched on Android Google Fixes Multiple Errors in Newest Android Security Update |
The OpenSSL project has patched a problem in the cryptographic library but one that likely does not affect many popular applications.
OpenSSL enables SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption. Most websites use it, which is indicated in Web browsers with a padlock symbol.
It’s an open-source library that is widely used in applications for secure data transfers. After serious vulnerabilities were found in OpenSSL over the last couple of years, the application has been under much scrutiny by security researchers.
The latest vulnerability affects versions 1.0.1 and 1.0.2. The updated versions are 1.0.2f and 1.0.1r.
To read this article in full or to leave a comment, please click here