Risk
10/17/2012
05:35 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

BSA Statement On White House Engagement With Industry On Cybersecurity Policy

Listening session gives stakeholders an opportunity to air practical considerations

WASHINGTON, DC -- October 17, 2012 -- BSA | The Software Alliance today welcomed efforts by the White House to engage with industry stakeholders on key aspects of cybersecurity policy.

"The Administration deserves kudos for actively listening to industry perspectives on cybersecurity policy," said BSA Director of Government Relations Tim Molino after a Wednesday afternoon "listening session" at the White House. "We appreciate that Cybersecurity Coordinator Michael Daniel and his colleagues are weighing practical concerns as the President considers a possible executive order."

"BSA agrees with the Administration that at the end of the day we need Congress to pass legislation," said Molino. "We look forward to continuing to work with Members of Congress and the Administration to shape the cybersecurity policy that America desperately needs."

About BSA

BSA |The Software Alliance (www.bsa.org) is the leading global advocate for the software industry. It is an association of more than 70 world-class companies that invest billions of dollars annually to create software solutions that spark the economy and improve modern life. Through international government relations, intellectual property enforcement and educational activities, BSA expands the horizons of the digital world and builds trust and confidence in the new technologies driving it forward.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3154
Published: 2014-04-17
DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file conte...

CVE-2013-2143
Published: 2014-04-17
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.

CVE-2014-0036
Published: 2014-04-17
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.

CVE-2014-0054
Published: 2014-04-17
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External ...

CVE-2014-0071
Published: 2014-04-17
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.

Best of the Web