Feed aggregator

[SECURITY] [DSA 4624-1] evince security update

Security Updates from SECLISTS - Sun, 02/16/2020 - 23:33

Posted by Salvatore Bonaccorso on Feb 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4624-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 14, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : evince
CVE ID : CVE-2017-1000159 CVE-2019-11459...

[SECURITY] [DSA 4625-1] thunderbird security update

Security Updates from SECLISTS - Sun, 02/16/2020 - 23:30

Posted by Moritz Muehlenhoff on Feb 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4625-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 15, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : thunderbird
CVE ID : CVE-2020-6792 CVE-2020-6793...

[TZO-13-2020] - AVIRA Generic AV Bypass (ZIP GPFLAG)

Security Updates from SECLISTS - Fri, 02/14/2020 - 07:04

Posted by Thierry Zoller on Feb 14


[EnumJavaLibs]_ Remote Java classpath enumerator

Security Updates from SECLISTS - Fri, 02/14/2020 - 06:54

Posted by RedTimmy Security on Feb 14

Hi,
we have just released EnumJavaLibs to perform java classes enumeration against java services.

To discover a deserialization vulnerability is often easy. When source code is available, it comes down to finding
calls to readObject() and finding a way for user input to reach that function. In case we don’t have source code
available, we can spot serialized objects on the wire by looking for binary blobs or base64 encoded objects (recognized...

[SECURITY] [DSA 4623-1] postgresql-11 security update

Security Updates from SECLISTS - Fri, 02/14/2020 - 06:50

Posted by Moritz Muehlenhoff on Feb 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4623-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 13, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-11
CVE ID : CVE-2020-1720

Tom Lane...

[slackware-security] mozilla-firefox (SSA:2020-042-01)

Security Updates from SECLISTS - Fri, 02/14/2020 - 06:50

Posted by Slackware Security Team on Feb 14

[slackware-security] mozilla-firefox (SSA:2020-042-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-68.5.0esr-i686-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

[SECURITY] [DSA 4622-1] postgresql-9.6 security update

Security Updates from SECLISTS - Fri, 02/14/2020 - 06:46

Posted by Moritz Muehlenhoff on Feb 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4622-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 13, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-9.6
CVE ID : CVE-2020-1720

Tom Lane...

[slackware-security] mozilla-thunderbird (SSA:2020-042-02)

Security Updates from SECLISTS - Fri, 02/14/2020 - 06:43

Posted by Slackware Security Team on Feb 14

[slackware-security] mozilla-thunderbird (SSA:2020-042-02)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-68.5.0-i686-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

Open Your Organization to Honest Conversations

Harvard Business School Working Knowledge - Thu, 02/13/2020 - 00:00
When company leaders can't hear the voices of their workers, serious strategic mistakes are likely. Michael Beer discusses ways organizations can build powerful communication channels.by Dina Gerdeman9411Michael Beer6421Book

10 Rules Entrepreneurs Need to Know Before Adopting AI

Harvard Business School Working Knowledge - Tue, 02/11/2020 - 00:00
Business leaders are just beginning to adopt artificial intelligence and machine learning into their operations. Rocio Wu offers insights into how entrepreneurs can start riding the wave.by Rocio Wu9399Sharpening Your Skills

[SECURITY] [DSA 4618-1] libexif security update

Security Updates from SECLISTS - Mon, 02/10/2020 - 12:03

Posted by Salvatore Bonaccorso on Feb 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4618-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 06, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libexif
CVE ID : CVE-2019-9278
Debian Bug :...

[SECURITY] [DSA 4619-1] libxmlrpc3-java security update

Security Updates from SECLISTS - Mon, 02/10/2020 - 12:00

Posted by Salvatore Bonaccorso on Feb 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4619-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 06, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libxmlrpc3-java
CVE ID : CVE-2019-17570
Debian Bug...

xglance-bin exploit (CVE-2014-2630)

Security Updates from SECLISTS - Mon, 02/10/2020 - 11:56

Posted by redazione on Feb 10

In one of our recent penetration tests we have abused a vulnerability affecting a suid binary called “xglance-bin“.
Part of HP Performance Monitoring solution, it allowed us to escalate our local unprivileged sessions on some Linux
RHEL 6.x/7.x/8.x systems to root. To be very honest, it was not the first time we leveraged that specific vulnerability
as we abused it frequently on many HP servers with RHEL installed since 2014.

There has...

6 Ways That Emerging Technology Is Disrupting Business Strategy

Harvard Business School Working Knowledge - Mon, 02/10/2020 - 00:00
How are AI, data analytics, and the Internet of Things changing the way business leaders think about strategy? Harvard Business School faculty members discuss how emerging technology has changed the rules of competition.by Danielle Kost9410Frank Nagle566431Raffaella Sadun541712Alexander J. MacKay879788David J. Collis6660Rembrand M. Koning876389Andy Wu871877In Practice

Fostering Perceptions of Authenticity via Sensitive Self-Disclosure

Harvard Business School Working Knowledge - Mon, 02/10/2020 - 00:00
By making sensitive self-disclosures, leaders can enhance how authentic their followers perceive them to be, leading to positive interpersonal outcomes and potentially organizational ones as well.by Li Jiang, Maryam Kouchaki, Francesca Gino, Reihane Boghrati, and Leslie John9409Francesca Gino271812Leslie K. John589473Working Paper Summaries

The Old Boys' Club: Schmoozing and the Gender Gap

Harvard Business School Working Knowledge - Fri, 02/07/2020 - 00:00
Over a four-year period, male employees assigned a male manager were promoted at a faster rate than their female counterparts, with no observable difference in performance. Male employees benefited from the higher rates of social interactions with their male managers.by Zoë B. Cullen and Ricardo Perez-Truglia9408Zoe B. Cullen879471Working Paper Summaries

Pages