Mandriva Linux Security Advisory 2015-231 - Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

Mandriva Linux Security Advisory 2015-232 - A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function _asn1_extract_der_octet().

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Ubuntu Security Notice 4332-2 - USN-4332-1 fixed vulnerabilities in File Roller. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information.

Ubuntu Security Notice 4338-2 - USN-4338-1 fixed vulnerabilities in re2c. This update provides the corresponding update for Ubuntu 20.04 LTS. Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.

Ubuntu Security Notice 4342-1 - Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

Ubuntu Security Notice 4341-2 - USN-4341-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. Various other issues were also addressed.

Ubuntu Security Notice 4333-2 - USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.

Ubuntu Security Notice 4330-2 - USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.

Ubuntu Security Notice 4352-1 - It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service.

Ubuntu Security Notice 4352-2 - USN-4352-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service. Various other issues were also addressed.

Togo won a record number of greenfield investment projects last year.

Escalation in protests across the globe in 2019 are forecast to persist into the new decade, according to Verisk Maplecroft report.

Global FDI flows recorded a marginal 1% fall in 2019, but the value of announced greenfield investment projects plummets by 22%.

In spite of the uncertainty caused by Brexit, London retains its position as fDi's European City of the Future for 2020/21, while Paris keeps the regional crown.

London has retained its position as fDi’s European City of the Future, while Paris has climbed to second place, knocking Dublin into the third spot. 

London is crowned best major city in Europe in fDi's FDI Strategy category, with Glasgow, Vilnius, Reykjavik and Galway also winning out.

Paris Region has kept its fDi European Region of the Future title, while Dublin Region holds on to second place and North Rhine-Westphalia is in third. 

North Rhine-Westphalia is fDi's top large region for FDI Strategy, with the Basque Country topping the table for mid-sized regions and Ireland South East first among small regions. 

London LEP and Thames Valley Berkshire LEP hold on to their respective first and second places in the Local Enterprise Partnership rankings, while Oxfordshire LEP jumps up eight places to third. 

Red Hat Security Advisory 2019-1821-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.

Red Hat Security Advisory 2019-2925-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2019-2939-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2019-2955-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated server side, and gain remote code execution.

Ubuntu Security Notice 4261-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Ubuntu Security Notice 4281-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Red Hat Security Advisory 2020-0573-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

Red Hat Security Advisory 2020-0579-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

Red Hat Security Advisory 2020-0597-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

Red Hat Security Advisory 2020-0598-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.

Red Hat Security Advisory 2020-0602-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. HTTP request smuggling was addressed along with other security issues.