Oracle has issued an out-of-cycle patch for a denial of service flaw in the Apache web server, versions httpd 2.0 or 2.2, affecting a range of products.
Whilst Oracle has not given the vulneability a high rating, it noted how easily the flaw could be exploited.
Google has announced the availability of Chrome 14 in the stable channel of Chrome releases. Chrome 14 supports the W3C-proposed Web Audio API, a high level JavaScript API for manipulating audio in web applications; examples shown by Google include a Drum Machine, four oscillator synth and a WebGL analyser and visualiser.
Just a quick heads-up that Adobe will join Microsoft in releasing major security updates during Patch Tuesday next week (September 13, 2011).
Adobe plans to release “critical” patches to cover code execution vulnerabilities in its flagship Reader X software (Windows and Mac OS X). The company is also planning to ship updates for Adobe Acrobat X (10.1) and earlier versions for Windows and Mac to resolve critical security issues.
A pair of security researchers have created their own version of the notorious Firesheep plugin to expose a data leak in the world's favourite search engine.
The proof-of-concept plugin exploits the use of unencrypted cookies by Google's Web History feature.
Still smarting from a counterfeit secure sockets layer certificate that threatened at least 300,000 of its users in Iran, Google has no plans to fortify its Chrome browser with an experimental technology that bypasses the current system for validating websites.
1Password version 3.9 is now available exclusively via Apple's Mac App Store. This version also requires Mac OS X 10.7 Lion, and will require users to pay a $20 upgrade fee. This update illustrates the an apparently awkward situation for developers with existing users. Users with conventional license keys won't transfer over to Mac App Store purchases for the same versions.
The openSUSE project has announced that the upcoming sixth milestone release of version 12.1 of the openSUSE operating system will be reclassified as a beta.
The National Security Agency is moving to open source a secure database technology, Accumulo, that it has been developing internally since 2008.
The spy agency over the weekend submitted the project, constructed of about 200,000 lines of mostly Java code, to the Apache Foundation for incubation.
We all face them far more frequently that we'd like: bugs! But which ones are exploitable? Which ones are actually security vulnerabilities? How hard would it be for an attacker to turn a lame PoC for a given bug into a weaponized exploit targetting your own server?
Google, after working for months on a version of its Chrome Frame that can sidestep PC lockdown constraints, has released the first stable version of the plug-in for Internet Explorer.
Chrome Frame embeds a version of Google's browser into older versions of Microsoft's browser. Chrome Frame shows Web pages using the Chrome engine when Web programmers have set a flag that the software checks for.
