[CentOS] New java update?

Tue Mar 5 21:23:25 UTC 2013
Fernando Cassia <fcassia at gmail.com>

On Tue, Mar 5, 2013 at 6:08 PM, Rainer Duffner <rainer at ultra-secure.de> wrote:
> The question is rather: are there days without new "emergency patches" for Java?

Yeah, right, like there are no 0day patches periodically for a
multitude of software, including Apache, PHP, and the like. And what
are Microsoft´s "Patch Tuesday" Windows updates for, after all?.

Adobe Rolls out emergency patch for Flash plug-in
http://www.itworldcanada.com/news/adobe-rolls-out-emergency-flash-patch/146804

Critical PHP vulnerability exposes web sites to data theft
http://www.infoworld.com/t/application-security/critical-php-vulnerability-exposes-servers-data-theft-or-worse-192428

Top ten PHP security vulnerabilities (Oct 2012)
http://phpmaster.com/top-10-php-security-vulnerabilities/

PHP patches actively exploited CGI vulnerability
http://www.pcworld.com/article/255289/php_patches_actively_exploited_cgi_vulnerability.html

Security is a process. There is no "permanently secure" software. Not
even OpenBSD with its "memory randomization".

http://pages.citebite.com/h9a3a5k5umdw

FC


-- 
During times of Universal Deceit, telling the truth becomes a revolutionary act
Durante épocas de Engaño Universal, decir la verdad se convierte en un
Acto Revolucionario
- George Orwell