RSS Feed: Xerox Security Bulletins

Feed URL:   


What is an RSS Feed?

"RSS (Really Simple Syndication) Feed" is a generic term for a variety of formats (including Atom 1.0 and RSS 2.0, both of which are used by Xerox) of what are known as "syndication feeds". Syndication feeds are a way of publishing text, media files and other content in a manner that allows users to subscribe to future updates.

How do I use an RSS Feed?

Feeds are usually read with "Feed Reader" applications. There are a variety of these applications in many forms. Some web browsers and e-mail clients can read feeds, there are a number of web-based feed reader tools and there are desktop applications dedicated to reading feeds.

This page is designed to help you subscribe to a feed, in a variety of ways:

  • To subscribe in one of the web-based tools listed to the left, just click on the icon.
  • To subscribe in a desktop application, click the "View feed XML" link above.
  • Another option is to copy and paste the feed URL from the box above into your feed reader application.

Feed Content

Xerox Security Bulletin XRX15-001 V1.1
Tue Jan 20 09:33:46 2015

Xerox Security Bulletin XRX15-001 V1.1
1/20/2015 Re-Issued this date to remove "draft" from file title.
Cumulative update for Common Criteria Certification


NOTE: Version 1.1 was published to fix a URL typo.

The System Software Versions for the WorkCentre 5845/5855/5865/5875/5890, WorkCentre 7220/7225, WorkCentre 7830/7835/7845/7855, ColorQube 8700/8900 and ColorQube 9301/9302/9303 models are cumulative updates that incorporate security vulnerability fixes up through 06 June 2014 as well as other non-security related defect fixes. These releases are Common Criteria certified (see http://www.xerox.com/information-security/common-criteria-certified/enus.html).

The system software releases for the products are designed to be installed by the customer. Please follow the links and procedures contained in the bulletin to install the solution. The system software versions are full system releases so the patch criticality rating is not applicable.




Xerox Security Bulletin XRX14-008_V1.0
Mon Nov 10 06:32:46 2014

Xerox Security Bulletin XRX14-008
Bash Shellshock Command Line Interpreter Vulnerability
v1.0
11/10/2014


Background
A vulnerability has been discovered in the Bash command shell that can allow attackers to remotely execute commands on a target system. Even systems that don’t allow remote command shell connections may still use Bash to execute commands in the Apache web server and other network-facing applications. Unix and Unix-derived systems like Linux and Mac OS X are vulnerable to these attacks since they use Bash as the default command shell.

A Bash Shellshock document addressing this vulnerability has been posted to the URL www.xerox.com/security.

NOTE: Review the bulletin for a more complete list of devices.





Xerox Security Bulletin XRX14-006 V1.1
Fri Nov 7 01:59:48 2014

Xerox Security Bulletin XRX14-006
Bash Shellshock Command Line Interpreter Vulnerability
v1.1
11/07/2014


Background
A vulnerability has been discovered in the Bash command shell that can allow attackers to remotely execute commands on a target system. Even systems that don’t allow remote command shell connections may still use Bash to execute commands in the Apache web server and other network-facing applications. Unix and Unix-derived systems like Linux and Mac OS X are vulnerable to these attacks since they use Bash as the default command shell.

A Bash Shellshock document addressing this vulnerability has been posted to the URL www.xerox.com/security.