Security updates for all NodeJS release lines

Updates are now available for all active Node.js release lines as well as the 7.x line. These include the fix for the high severity vulnerability, one additional lower priority Node.js vulnerability in the 4.x release line, as well as some lower priority fixes for Node.js dependencies across the current release lines.

Continue reading ...

BIND9: unauthorized dynamic updates

Description: An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update.

Continue reading ...