Flash Player Critical Fix on Deck
With Microsoft and Google already having already released fixes for critical security bugs this week, Adobe is getting ready to join the party as it readies an important patch for its Adobe Flash Player software.
Search Results
Search found 16101 results on 645 pages for 'owsm webservices ws security ws trust soa secuirty'.
Page 333/645 | < Previous Page | 329 330 331 332 333 334 335 336 337 338 339 340 | Next Page >
-
-
Multiple Denial of Service (DoS) vulnerabilities in Apache Tomcat
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4858 Resource Management Errors vulnerability 5.0 Apache Tomcat Solaris 11 11/11 SRU 4 Solaris 10 SPARC: 122911-29 X86: 122912-29 Solaris 9 Contact Support CVE-2012-0022 Numeric Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Argument list too long and copying to Samba Share
- by Copy Run Start
Ubuntu 12.04 LTS 64 bit. I'm trying to make a scheduled task copy from a directory with thousands of files to a samba share (while skipping duplicates). I mapped my Samba share through the GUI. The command I tried: cp /home/security/Brick/* ~/.gvfs/"cam on atm-bak-01.local/Brick" -n I found this but I don't know how to change the syntax to what I need. find -maxdepth 1 -name '*.prj' -exec mv -t ../prjshp {} + Any hints are greatly appreciated.Read the article
-
Interim Patches for CVE-2011-4313 released through MOS
- by Alan
As reported on the article on the Sun Security Blog, interim patches are available for Solaris 8,9 and 10 directly from MOS without the need to log a Service Request. There is also Interim Relief available for Solaris 11, but at this point in time that will still require a Service Request. As seen from running "named -V", these patches implement the same fix as ISC by taking Bind to the version:BIND 9.6-ESV-R5-P1.Read the article
-
Critical Patch Updates During EBS 11i Exception to Sustaining Support Period
- by Elke Phelps (Oracle Development)
As previously blogged in the EBS 11i and 12.1 Support Timeline Changes entry, two important changes to the Oracle Lifetime Support policies were announced at Oracle OpenWorld 2012 - San Francisco. These changes affect E-Business Suite Releases 11i and 12.1. Critical Patch Updates for EBS 11i during the Exception to Sustaining Support Period You may be wondering about the availability of Critical Patch Updates (CPU) for EBS 11i during the Exception to Sustaining Support period. The following details the E-Business Suite Critical Patch Update support policy for EBS 11i during the Exception to Sustaining Support period: Oracle will continue to provide CPUs containing critical security fixes for E-Business Suite 11i. CPUs will be packaged and released as as cumulative patches for both ATG RUP 6 and ATG RUP 7. As always, we try to minimize the number of patches and dependencies required for uptake of a CPU; however, there have been quite a few changes to the 11i baseline since its release. For dependency reasons the 11i CPUs may require a higher number of files in order to bring them up to a consistent, stable, and well tested level. EBS 11i customer will continue to receive CPUs up to and including the October 2014 CPU. Where can I learn more? There are two interlocking policies that affect the E-Business Suite: Oracle's Lifetime Support policies for each EBS release (timelines which were updated by this announcement), and the Error Correction Support policies (which state the minimum baselines for new patches). For more information about how these policies interact, see: Understanding Support Windows for E-Business Suite Releases What about E-Business Suite technology stack components? Things get more complicated when one considers individual techstack components such as Oracle Forms or the Oracle Database. To learn more about the interlocking EBS+techstack component support windows, see these two articles: On Apps Tier Patching and Support: A Primer for E-Business Suite Users On Database Patching and Support: A Primer for E-Business Suite Users Where can I learn more about Critical Patch Updates?The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents. Related Articles EBS 11i and 12.1 Support Timeline Changes Frequently Asked Questions about Latest EBS Support Changes Extended Support Fees Waived for E-Business Suite 11i and 12.0Read the article
-
What is the canonical resource on multi-tenancy web applications using ruby + rails
- by AlexC
What is the canonical resource on multi-tenancy web applications using ruby + rails. There are a number of ways to develop rails apps using cloud capabilities with real elastic properties but there seems to be a lack of clarity with how to achieve multitenancy, specifically at the model / data level. Is there a canonical resource on options to developing multitenancy rails applications with the required characteristics of data seperation, security, concurrency and contention required by an enterprise level cloud application.Read the article
-
When does Information become Data? (i.e. Information wants to be free) [closed]
- by James P. Wright
I hear Programmers often talk about how Information Wants To Be Free which I mostly agree with, but the thing that people don't often pay attention to is that Information and Data are not the same thing. Should Data also be free? Does that mean all of you should have full access to my Social Security Number and other personal "information"? Where is the limit? If there is a limit, why do people throw this phrase around like it fits every circumstance (like this one)Read the article
-
Oracle Magazine, September/October 2008
Oracle Magazine September/October features articles on Oracle Universal Content Management, identity management, security, Merrill Lynch and Oracle, ODP.NET, best PL/SQL practices, task flows, Oracle SQL Developer 1.5, Oracle Flashback technology, trigger maintenance and much more.Read the article
-
for an ajax heavy web application which would be better SOAP or REST?
- by coder
I'm building an ajax heavy application (client-side strictly html/css/js) which will be getting all the data and using server business logic via webservices. I know REST seems to be the hot topic but I can't find any good arguments. The main argument seems to be its "light-weight". My impression so far is that wsdl/soap based services are more expressive and allow for more a more complex transfer of data. It appears that soap would be more useful in the application I'm building where the only code consuming the services will be the js downloaded in the client browser. REST on the other hand seems to have a smaller entry barrier and so can be more useful for services like twitter in allowing other developers to consume these services easily. Also, REST seems to Te better suited for simple data transfers. So in summary SOAP is useful for complex data transfer and REST is useful in simple data transfer. I'm currently under the impression that using SOAP would be best due to the complexity of the messages but perhaps there's other factors. What are your thoughts on the pros/cons of soap/rest for a heavy ajax web app?Read the article
-
New Date for Implementation of Sun Hands-On Course Requirement
- by Harold Green
As announced on the Oracle Certification website, Java Architect, Java Developer, Solaris System Administrator and Solaris Security Administrator certification tracks will include a new mandatory course attendance requirement. Because of unforeseen disaster and subsequent recovery efforts underway in Japan, Oracle has extended the start date of this new requirement to October 1, 2011. Candidates may earn their certifications using the current track requirements (found on the Oracle Certification website) through September 30, 2011.Read the article
-
Configuration Tips for better Performance with ADF Mobile Apps
- by SRINI INDLA
Some tips to keep in mind to make sure ADF Mobile application's performance is optimal: 1. Select release mode in deployment profile. This is perhaps the most important thing to remember to ensure best performance for ADF Mobile Apps. Selecting this option causes the deployer to package optimized JVM and minified JS libs with the mobile app there by significantly improving the over all performance of the application. 2. For iOS you do not need to do anything else other than selecting release mode in deploy profile. However, on Android you have to create a keystore and configure it in JDev --> Tools --> Preferences --> ADF Mobile --> Platforms : Android as shown in the snapshot below 3. Steps for generating the Keystore for Android using keytool : 4. Logging level setting in logging.properties: Make sure the log level is set to SEVERE for both framework logger as well as the application logger as follows oracle.adfmf.framework.level=SEVERE oracle.adfmf.application.level=SEVERE 5. When using SOAP WebServices with WebService Data Control make sure you select the option to copy the WSDL. This will cause the JDev to download the WSDL and all the XSDs referenced by the WSDL from the server at design time and package them with the application during deployment. This way the application does not incur the cost of downloading these resources at run time from the device.Read the article
-
This Week on the Green Data Center Management Front
Among the big news this week in green data center management: Singapore pledges to cut carbon emissions by 16 percent by 2020, and for the second year in a row, data security is the primary concern and driver of IT asset disposition compliance efforts.Read the article
-
Multiple vulnerabilities in fetchmail
- by Umang_D
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3389 Improper Input Validation vulnerability 4.3 fetchmail Solaris 11 11/11 SRU 12.4 CVE-2012-3482 Denial of Service vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Week in Geek: Google Finds 9,500 New Malicious Websites Per Day
- by Asian Angel
Our last edition of WIG for June is filled with news link goodness covering topics such as a new printer bomb malware that wastes reams of paper, Google bars a website that converts YouTube songs into MP3s, Ubuntu plans to drop GRUB 2 to implement UEFI SecureBoot compatibility, and more. Image courtesy of Google Online Security Blog. How to Make Your Laptop Choose a Wired Connection Instead of Wireless HTG Explains: What Is Two-Factor Authentication and Should I Be Using It? HTG Explains: What Is Windows RT and What Does It Mean To Me?Read the article
-
Google I/O 2012 - Writing Secure Web Apps and Chrome Extensions
Google I/O 2012 - Writing Secure Web Apps and Chrome Extensions Jorge Lucangeli Obes Today, a carefully developed web app can boast a high level of security, by taking advantage of several technologies: HTML5, CSP, NaCl, and the Chrome extension framework. The objective of this session is to show how these technologies allow a developer to create a web app that rivals or exceeds a desktop app in features, while remaining more secure than its desktop counterpart. For all I/O 2012 sessions, go to developers.google.com From: GoogleDevelopers Views: 46 1 ratings Time: 56:16 More in Science & TechnologyRead the article
-
Idera Announces SQL Compliance Manager 3.6
Perhaps the main highlight of SQL compliance manager 3.6's impressive set of features is its ability to actively track any activities of privileged users. When users of high administrative privileges access column groups in monitored tables, SQL compliance manager 3.6 issues alerts to security administrators, compliance officers, IT auditors, and the like in a proactive manner. Such functionality allows the product to provide an extra barrier against the possibility of insider threats to an organization's data. Idera developed SQL compliance manager to supply its clients with real-time audit...Read the article
-
How to wipe RAM on shutdown (prevent Cold Boot Attacks)?
- by proper
My system is encrypted using Full Disk Encryption, i.e. everything except /boot is encrypted using dmcrypt/luks. I am concerned about Cold Boot Attacks. Prior work: https://tails.boum.org/contribute/design/memory_erasure/ http://tails.boum.org/forum/Ram_Wipe_Script/ http://dee.su/liberte-security http://forum.dee.su/topic/stand-alone-implementation-of-your-ram-wipe-scripts Can you please provide instructions on how to wipe the RAM once Ubuntu is shutdown/restarted? Thanks for your efforts!Read the article
-
Motion is saving images to home directory
- by Kevin
I was interested in setting up a home security network. I installed Motion in Ubuntu 12.04 and it worked fine. Then the next day I went to play around with it some more but the images are not being saved to /tmp/motion as the configuration file states, but to the home directory: [1] File of type 1 saved to: ./01-20121126211634-12.jpg Any idea if there is another setting that has more priority than the motion config file?Read the article
-
Pros and Cons of various career paths [closed]
- by Snitse
What are the advantages and disadvantages of various career paths within CS? By a path I mean something like: Web Development GUI Development Sys admin/DB admin/network admin Security (maybe should be grouped with sys admin) Programming back end (like a C programmer) Algorithm Development heavy programming And any other you think should be in this list. What are the various areas in which each of these professions excels, or lags?Read the article
-
CVE-2012-5195 Buffer Errors vulnerability in Perl
- by Ritwik Ghoshal
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-5195 Buffer Errors vulnerability 7.5 Perl 5.8 Solaris 10 SPARC: 148561-06 X86: 148562-06 Solaris 11.1 11.1.11.4.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Week in Geek: Dropbox Rolls Out 2-Step Authentication Feature in Experimental Desktop Client Build
- by Asian Angel
Our last edition of WIG for August is filled with news link goodness covering topics such as Firefox 17 will make add-ons more secure, password hints are easily extracted from Windows 7 and 8, the latest stable release of ChromeOS adds a new apps list feature, and more. How To Switch Webmail Providers Without Losing All Your Email How To Force Windows Applications to Use a Specific CPU HTG Explains: Is UPnP a Security Risk?Read the article
-
A New Law Could Change the Way You Build Database Applications
<b>SQL Server Magazine:</b> "Massachusetts recently passed a sweeping new data security law that will have a profound impact on the way the United States, and perhaps the rest of the world, manages and develops data-centric applications. Oddly, most people in the business don't seem to know about it."Read the article
-
Oracle Magazine, September/October 2006
Oracle Magazine September/October 2006 features articles on database security, data hubs, Oracle content management solutions, Oracle Magazine at twenty, Oracle OpenWorld, partitioning, Oracle Secure Enterprise Search, Ajax, PL/SQL from .NET, Oracle Application Express, and much more.Read the article
-
T-SQL Tuesday #016:Check Your Service Accounts with PowerShell
- by AllenMWhite
T-SQL Tuesday #016:Check Your Service Accounts with PowerShell This T-SQL Tuesday is about Aggregate Functions. It may be a bit of a stretch, but a security best practice to use separate service accounts for all your SQL Server services, so I've written some PowerShell code to check to see if any account is used more than once on a given machine. I take advantage of the SQLWmiManagement DLL to find the SQL Server services, which is a safer bet than filtering on a service name. First I load the SQLWmiManagement...(read more)Read the article
-
Oracle Magazine - Sep/Oct 2010
Oracle Magazine Sep/Oct features articles on Oracle Exadata, Database Security, Oracle Enterprise Manager 11g, PL/Scope to analyze your PL/SQL, Using Oracle Essbase Release 11.1.2 Aggregate Storage Option Databases, Oracle Application Express 4.0 Websheets, Oracle Automatic Storage Management disk groups, Tom Kyte revisits a classic, recounts Cardinality Feedback, and remembers SQL*Plus and much more.Read the article
