Search Results

Search found 12720 results on 509 pages for 'moss2007 security'.

Page 294/509 | < Previous Page | 290 291 292 293 294 295 296 297 298 299 300 301 | Next Page >

Critical Patch Update for October 2012 Now Available

- by Steven Chan (Oracle Development)

The Critical Patch Update (CPU) for October 2012 was released on July 16, 2012. Oracle strongly recommends applying the patches as soon as possible. The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents. Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied. Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information. The Critical Patch Update Advisory is available at the following location: Oracle Technology Network The next four Critical Patch Update release dates are: January 15, 2013 April 16, 2013 July 16, 2013 October 15, 2013 E-Business Suite Releases 11i and 12 Reference Oracle E-Business Suite Releases 11i and 12 Critical Patch Update Knowledge Document (October 2012) (Note 1486535.1)

Read the article
How To Check If Your Account Passwords Have Been Leaked Online and Protect Yourself From Future Leaks

- by Chris Hoffman

Security breaches and password leaks happen constantly on today’s Internet. LinkedIn, Yahoo, Last.fm, eHarmony – the list of compromised websites is long. If you want to know whether your account information was leaked, there are some tools you can use. These leaks often lead to many compromised accounts on other websites. However, you can protect yourself by using unique passwords everywhere – if you do, password leaks won’t be a threat to you. Image Credit: Johan Larsson on Flickr 8 Deadly Commands You Should Never Run on Linux 14 Special Google Searches That Show Instant Answers How To Create a Customized Windows 7 Installation Disc With Integrated Updates

Read the article
Database Insider Newsletter: February 2011 Edition Available

- by jenny.gelhausen

The February edition of the Database Insider Newsletter is now available. This edition covers the upcoming IOUG's Day of Real World Performance Tour What's coming for Collaborate 2011 How Oracle helps you steer clear of security pitfalls and much more... Enjoy! var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); try { var pageTracker = _gat._getTracker("UA-13185312-1"); pageTracker._trackPageview(); } catch(err) {}

Read the article
Recordings Available - Features & Functions Forms Module

- by MHundal

ETPM provides robust Forms functionality that allows implementations to configure Registration & Tax Forms, configure Form Rules and process the Forms. The Forms Definition allows for defining the Form Sections and Form Lines. The Forms Generator uses the Forms Definition details to create the necessary Business Objects, Application Security and User Interfaces to allow interaction with the Forms. Form Rules are used for validation of the Form Line details and creating entities in the system (creating taxpayers, accounts, financial transactions, etc...). The following recordings provide an overview of the Forms Definition Process, Form Rules and other important concepts part of the Forms Module. Forms Module Overview: https://oracletalk.webex.com/oracletalk/ldr.php?AT=pb&SP=MC&rID=66851417&rKey=7de22df4978e7974 Forms Configuration Overview: https://oracletalk.webex.com/oracletalk/ldr.php?AT=pb&SP=MC&rID=66964342&rKey=ea564cfd701bb32d Form Rules Overview: https://oracletalk.webex.com/oracletalk/ldr.php?AT=pb&SP=MC&rID=66966652&rKey=2e02c1e28e058d70

Read the article
Why "Fork me on github"?

- by NoBugs

I understand how Github works, but one thing I've been confused about is, why almost every OSS project lately has a "Fork me on Github" link on their homepage. For example, http://jqtjs.com/, http://www.daviddurman.com/flexi-color-picker/, and others. Why is this so common? Is it that they want/need code validation, checking for security/performance improvements that they may not know how to do? Is it meant to show that this is a collaborative project - you're welcome to add improvements? Do they work for Github, or want to promote their service? Oddly enough, I don't think I've seen a "Fork project on Bitbucket" logo recently. My first reaction to that logo was that the project probably needs to be modified (forked) in order to integrate it with anything useful - or that they are encouraging fragmented codebase, encouraging everyone to make their own fork of the project. But I don't think that is the intent.

Read the article
Set secondary receiver in PayPal Chained Payment after the initial transaction

- by CJxD

I'm running a service whereby customers seek the services of 'freelancers' through our web platform. The customer will make a 'bid' which is immediately taken from their accounts as security. Once the job is completed, the customer marks it as accepted and the bid gets distributed to the freelancer(s) as a reward. After initially storing these rewards in the accounts of the freelancers and relying on MassPay to sort out paying them later, I realised that your business needs to be turning over at least £5000/month before MassPay is switched on. Instead, I was referred to Delayed Chained Payments in PayPal's Adaptive Payments API. This allows the customer to pay the primary receiver (my business) before the payment is later triggered to be sent to the secondary receivers (the freelancers). However, at the time that the customer initiates this transaction, you must understand that nobody yet knows who will receive the reward. So, before I program this whole Adaptive Payments system, is it even possible to change or add the secondary receivers after the customer has paid? If not, what can I do?

Read the article
OTN APAC Tour 2012: Bangkok, Thailand - Oct 22, 2012

- by Mike Dietrich

Roy had done some of the South America OTN Tour 2012 dates earlier this year in Peru and Chile. And I'm looking forward to present next Monday, October 22nd, 2012, on the OTN Tour 2012 in Bangkok, Thailand. The event will be held at the Eastin Grand Hotel in Bangkok. Register today for the OTN APAC Tour 2012 in Bangkok, Thailand! Presentations will include: 9:30am - 10:15am:Best Practices for Upgrading to Oracle Database 11.2 1:00pm - 1:45pm:How to improve Upgrade Performance - Real Speed, Real Customers, Real Secrets 2:45pm - 3:30pm:Oracle Data Pump: Overview and Best Practices Plus presentations about Security, RMAN and other topics by Francisco Alvarez and others. Please find the complete agenda here. Looking forward to meet you on Monday - CU there

Read the article
Webcast: Moving Client/Server and .NET Applications to Windows Azure Cloud

- by Webgui

The Cloud and SaaS models are changing the face of enterprise IT in terms of economics, scalability and accessibility . Visual WebGui Instant CloudMove transforms your Client / Server application code to run natively as .NET on Windows Azure and enables your Azure Client / Server application to have a secured-by-design plain Web or Mobile browser based accessibility. Itzik Spitzen VP of R&D, Gizmox will present a webcast on Microsoft Academy on Tuesday 8 March at 8am (USA Pacific Time) explaining how VWG bridges the gap between Client/Server applications’ richness, performance, security and ease of development and the Cloud’s economics & scalability. He will then introduce the unique migration and modernization tools which empower customers like Advanced Telemetry, Communitech, and others, to transform their existing Client/Server business application to a native Web Applications (Rich ASP.NET) and then deploy it on Windows Azure which allows accessibility from any browser (or mobile if desired by the customer). Registration page on Microsoft Academy: https://www.eventbuilder.com/microsoft/event_desc.asp?p_event=1u19p08y

Read the article
Lubuntu 12.04 is a non-LTS release - does this mean that LXDE isn't, either?

- by MHC

Lubuntu 12.04 is not a long-term-support release. That's mostly due to a lack of manpower. But I don't use Lubuntu on my machine, I use LXDE over stock Ubuntu 12.04 LTS. So my question is: In the next five years, will there be security updates and bug fixes for LXDE-packages such as Openbox, PCmanFM and LXsession? Or does the "LTS" in 12.04 LTS only include stock Unity packages? I guess this question is just as relevant for any other DE out there.

Read the article
PHP accessible shared content between two websites on the same VPS on different domains/IPs

- by Lee Fentress

I have two ecommerce websites, selling music digital downloads, on the same VPS, currently using cPanel/WHM (but thinking of switching to Virtualmin). They have separate domains and IPs of course. They both share from the same set of music files, so I have duplicate copies in each website directory, which takes up a lot of disk space. How might I go about sharing the same set of music files across both sites, allowing PHP access, so that it does not break my shopping cart's functionality of serving customers the downloads after they have paid for them? I thought of maybe using symlinks or something, but I don't know if it's possible, or if it would have to somehow circumvent built-in security features of the server. I'm new to VPS management.

Read the article
Is it possible for a web-server to send more files than requested for, and have the browser accept them?

- by Osiris

I've created a basic web server for a school project, and it serves static content without a problem. I thought of having the server parse all htm/html files for links to .js/.css/image files, and send these files to the client without these files being requested by the client later. eg. The browser requests: index.htm The server responds with intex.htm and image.jpg I modified the server to send two distinct http responses for a "GET /index.html HTTP1.1" (one for the html page and one for the image), but the browser ended up requesting the image when it was good and ready. Is there any way to bypass this? (use a multipart response, perhaps) Will these files be accepted by most browsers, or will they be rejected for security reasons?

Read the article
Is hierarchical product backlog a good idea in TFS 2012-2013?

- by Matías Fidemraizer

I'd like to validate I'm not in the wrong way. My team project is using Visual Studio Scrum 2.x. Since each area/product has a lot of kind of requirements (security, user interface, HTTP/REST services...), I tried to manage this creating "parent backlogs" which are "open forever" and they contain generic requirements. Those parent backlogs have other "open forever" backlogs, and/or sprint backlogs. For example: HTTP/REST Services (forever) ___ Profiles API (forever) ________ POST profile (forever) _______________ We need a basic HTTP/REST profiles' API to register new user profiles (sprint backlog) Is it the right way of organizing the product backlog? Note: I know there're different points of view and that would be right for some and wrong for others. I'm looking for validation about if this is a possible good practice on TFS with Visual Studio Scrum.

Read the article
How does session middleware generally verify browser sessions?

- by BBnyc

I've been using session middleware to build web apps for years: from PHP's built-in session handling layer to node's connect session middleware. However, I've never tried (or needed) to roll my own session handling layer. How would one go about it? What sort of checks are necessary to provide at least some modicum of security against HTTP session highjacking? I figure setting a cookie with a token to keep track of the session, and then perhaps some check to see that the originating IP address of the session doesn't change and that the client browser software remains consistent. Hoping to hear about current best-practices...

Read the article
How should I practice web server administration?

- by Astyanax

Security students can practice their skills with software like OWASP's webgoat or something similar to "hackthissite". Students interested in Operating Systems can study MINIX and PintOS, write shell scripts or study POSIX system calls. What would be the best course of action in order to practice Server Administration? Is there any such software/resource available, teaching you such skills with small lessons, or it is totally up to you? I've practiced live FreeBSD server administration and management of VMs (CentOS, Gentoo, Debian) under VirtualBox, but I always feel that this isn't enough and I must push myself harder. So, what would you recommend? What has worked for you?

Read the article
6 Ways To Secure Your Dropbox Account

- by Chris Hoffman

Dropbox is a hugely popular cloud storage service beloved by many. Unfortunately, it’s had a history of security problems, ranging from compromised accounts to once allowing access to every Dropbox account without requiring a password for several hours. If you’re using Dropbox, there are a variety of ways you can secure your account against unauthorized access and protect your files even if someone does gain access to your account. Why Does 64-Bit Windows Need a Separate “Program Files (x86)” Folder? Why Your Android Phone Isn’t Getting Operating System Updates and What You Can Do About It How To Delete, Move, or Rename Locked Files in Windows

Read the article
Unified Communications Suite Ships New Version

- by joesciallo

We shipped the latest version (7.0.5.0.0) of Unified Communications Suite. The following information should get you started: Get the Software New Features Release Notes Some Changes for 7.0.5.0.0 Convergence: Version 3.0.0.0.0 enables you to use the add-on framework to add third-party services to the Convergence UI. These services include: Advertising Click-to-call service Multinetwork IM SMS (both one-way and two-way) Social media applications (Facebook, Twitter, and Flickr) Video and voice calling capability For more information, see Overview of Add-on Services in Convergence. Calendar Server: Version 7.0.4.14.0 provides a number of security enhancements, including supporting the SSL protocol for all front-end and back-end communications, and the ability to list hosts that are allowed to send iSchedule POST requests. For more information, see Securing Communications to Calendar Server Back Ends. New Platform Support: Oracle GlassFish Server 3, Oracle Solaris 11, and Oracle Enterprise Linux 6.x are supported in this release of Communications Suite.

Read the article
Award-Winning Architects at Oracle OpenWorld

- by Bob Rhubart

"The Winner," a sculpture by John J. Seward Jr. The role of the IT architect may be the most hotly debated and unjustly maligned role in IT. But at this year's Oracle OpenWorld in San Francisco several architects will enjoy some much-deserved recognition through the Oracle Magazine Technologist of the Year Awards. Part of the Oracle Excellence Awards, the Technologist of the Year Awards "honor Oracle technologists for their cutting-edge solutions using Oracle products and services." Seven of the ten Technologist of the Year categories honor architects: Technologist of the Year: Big Data Architect Technologist of the Year: Cloud Architect Technologist of the Year: Enterprise Architect Technologist of the Year: Mobile Architect Technologist of the Year: Security Architect Technologist of the Year: Social Architect Technologist of the Year: Virtualization Architect If you or one of your colleagues is an architect deserving of this recognition, click the appropriate link above to find the nomination form. Deadline for nominations is Tuesday, July 17, 2012. For more information see: Technologist of the Year Awards. See last year's winners here.

Read the article
Keyboard settings for a Mac+PC world

- by Sahil Malik

SharePoint, WCF and Azure Trainings: more information I’m one of those weridos who lives in a Mac+PC world. I write code for both iOS and Windows platforms. I also travel quite a bit, and airlines and airport security are starting to weigh your carry ons, and beginning to frown on the powerplant of batteries you need to carry to power SharePoint on an airplane. This means, my main work machine has to be a Macbook Pro, since it is the only machine that can do both XCode and Visual Studio Virtualized and SharePoint virtualized nicely. The problem this causes of course, is you will literally pull your hair out when dealing with keyboard/shortcut differences. So here is my work setup, Running Mac for all my normal work Virtualizing using VMWare Fusion – and sometimes I move these VMs to my windows server so I can run them on VMware workstation. Frequently RDP’ing into VMs in the cloud or running on my home server. So, Read full article ....

Read the article
Multiple vulnerabilities in Thunderbird

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2372 Permissions, Privileges, and Access Controls vulnerability 3.5 Thunderbird Solaris 11 11/11 SRU 2 Solaris 10 Contact Support CVE-2011-2995 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2997 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2998 Denial Of Service (DoS) vulnerability 10.0 CVE-2011-2999 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2011-3000 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 CVE-2011-3001 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2011-3005 Denial Of Service (DoS) vulnerability 9.3 CVE-2011-3232 Improper Control of Generation of Code ('Code Injection') vulnerability 9.3 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
5 Tips and Tricks to Get the Most Out of Steam

- by Chris Hoffman

If you’re a PC gamer, there’s a good chance you’re familiar with Valve’s Steam and use it regularly. Steam includes a variety of cool features that you might not notice if you’re just using it to install and launch games. These tips will help you take advantage of an SSD for faster game loading times, browse the web from within a game, download games remotely, create backup copies of your games, and use strong security features. HTG Explains: What Is Windows RT and What Does It Mean To Me? HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux Hack Your Kindle for Easy Font Customization

Read the article
OpenJDK 6 B27 Available

- by user9158633

On October 26, 2012 the source bundle for OpenJDK 6 b27 was published at http://download.java.net/openjdk/jdk6/. The main changes in b27 are the latest round of security updates and a number of other fixes. For more information see the detailed list of all the changes in OpenJDK 6 B27. Test Results: All the jdk regression tests run with make test passed on linux_i586 cd jdk6 make make test Note: sun/tools/jinfo/Basic.sh test failed on linux_x64. For the current list of excluded tests see jdk6/jdk/test/ProblemList.txt file: ProblemList.html in B27 | Latest ProblemList.txt (in the tip revision). Special thanks to Kelly O'Hair for his contributions to the project and Dave Katleman for his Release Engineering work.

Read the article
OpenJDK 6 B26 Available

- by user9158633

On September 21, 2012 the source bundle for OpenJDK 6 b26 was published at http://download.java.net/openjdk/jdk6/. The main changes in b26 are the latest round of security updates and a number of other fixes. For more information see the detailed list of all the changes in OpenJDK 6 B26. Test Results: All the jdk regression tests run with make test passed on linux. cd jdk6 make make test For the current list of excluded tests see jdk6/jdk/test/ProblemList.txt file: ProblemList.html in B26 | Latest ProblemList.txt (in the tip revision). Special thanks to Kelly O'Hair for his contributions to the project and Dave Katleman for his Release Engineering work.

Read the article
Installing Ubuntu 12.10 on new computer with Windows 8

- by rft183

I recently purchased a new HP computer (P6-2330) with Windows 8. I have tried unsuccessfully to install Ubuntu 12.10 64bit alongside Windows 8. The computer is UEFI with Secure Boot enabled. I've tried following the instruction at https://help.ubuntu.com/community/UEFI. I am able to get the GRUB menu to show up. However, as soon as I press Enter on either Try Ubuntu or Install Ubuntu, the screen goes blank. Nothing works at all, not even the Num Lock or Caps Lock keys on the keyboard. I have to use the power button to restart the computer. Does anyone have any suggestions on how to get Ubuntu installed? To clarify, I have actually tried installing using both a USB stick and a DVD. The USB stick gave a blank screen, while the DVD gave the error message "Empty Security Header" after pressing Enter at the GRUB screen.

Read the article
Public Cloud, co-location and managed services ... what is the cloud?

- by llaszews

Recently I have had conversation with a number of people that are selling and implementing 'cloud' solutions. I put cloud in quotes as implementations like co-location (aka co-lo) and managed services (sometimes referred to as 'your mess for less') have become popular options for companies moving to the cloud. These are obviously not pure public cloud offerings and probably more of hybrid cloud implementations as the infrastructure (PasS and IaaS)is dedicated to a specific customer. This eliminates the security, multi-tenancy, performance and other concerns that companies have regarding public cloud. Are co-location and managed services cloud to you? Are they something your company is considering when you think about cloud ?

Read the article
SSL Certificate

- by outdoorcat

I've received the email below from google about my wordpress site and have no idea how to follow the instructions. Any help out there? Dear Webmaster, The host name of your site, https://www.example.com/, does not match any of the "Subject Names" in your SSL certificate, which were: *.wordpress.com wordpress.com This will cause many web browsers to block users from accessing your site, or to display a security warning message when your site is accessed. To correct this problem, please get a new SSL certificate from a Certificate Authority (CA) with a "Subject Name" or "Subject Alternative DNS Names" that matches your host name. Thanks, The Google Web-Crawling Team

Read the article

< Previous Page | 290 291 292 293 294 295 296 297 298 299 300 301 | Next Page >