from Wesley Griffin <wgriffin@jtan.com>
This module implements the Digital Signature Algorithm (DSA) using
a thin XS wrapper to the DSA functions in OpenSSL.
from Wesley Griffin <wgriffin@jtan.com>
This module is an XS perl module designed to provide basic RSA
functionality. It does this by providing a glue to the RSA functions
in the OpenSSL library.
Largely rewritten by Rudiger Kuhlmann includes support for version 8
of the protocol, internationalization, file transfer, etc. License
now GPL, see http://www.micq.org
From new maintainer David Krause
- cast NULL to (void *) in execl call to make sure it is 64 bit
on 64 bit address systems; per new gcc warning
- Respect ${SYSCONFDIR}, ${LOCALBASE}
- fix some formatting
---
The MigrationTools are a set of Perl scripts for migrating users,
groups, aliases, hosts, netgroups, networks, protocols, RPCs, and
services from existing nameservices (flat files, NIS, and NetInfo)
to LDAP.
WWW: http://www.padl.com/OSS/MigrationTools.html
A security vulnerability has been confirmed to exist in Apache Tomcat
4.0.x releases (including Tomcat 4.0.5), which allows to use a specially
crafted URL to return the unprocessed source of a JSP page, or, under
special circumstances, a static resource which would otherwise have been
protected by security constraint, without the need for being properly
authenticated. This is based on a variant of the exploit that was
disclosed on 09/24/2002.
Zack Weinberg found a vulnerability in the way the exevpe() method
from the os.py module uses a temporary file name. A file which
supposedly should not exist is created in a unsafe way and the method
tries to execute it. The objective of such code is to discover what
error the operating system returns in a portable way.
By exploiting this vulnerability a local attacker can execute
arbitrary code with the privileges of the user running python code
which uses the execvpe() method.
http://python.org/sf/590294http://python.org/sf/601077
