Good news everyone,

The Early Bird tickets for the AusCERT2012 conference have been extended to Monday the 23rd April. To extend the savings, register with some work colleagues and take advantage of the 'Buy 2 Get 1 Free' offer as well.

This week has given us a dump truck full of patches from Oracle for a long list of their products. There was even a little extra provided in the form of proof of concept exploit code for a MySQL DoS.

Apache released HTTP Server 2.4.2 to remedy CVE-2012-0883, and remind us that the new generation 2.4.x branch of Apache HTTPD represents fifteen years of innovation by the project. Here comes puberty for HTTPD.

Of particular note this week was a fix from OpenSSL for buffer overrun vulnerability CVE-2012-2110, which was discovered by Tavis Ormandy of the Google Security Team. Given the popularity of OpenSSL, expect to see this patch flow out to many products in the following days.

Enjoy a good weekend,
Marco