12日 金曜日、大安

+ RHSA-2013:0737 Moderate: subversion security update
http://rhn.redhat.com/errata/RHSA-2013-0737.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1845
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1849

+ Mozilla Firefox 20.0.1 released
http://www.mozilla.org/en-US/firefox/new/

+ UPDATE: Cisco IOS Software Network Address Translation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat

+ UPDATE: Cisco IOS Software Smart Install Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall

+ UPDATE: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce

+ UPDATE: Cisco IOS Software Internet Key Exchange Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ike

+ UPDATE: Cisco IOS Software Protocol Translation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt

+ UPDATE: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp

+ UPDATE: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000

+ PSN-2013-04-910 2013-04: Junos Routing, Switching, and Security: Security Advisories Released
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-910&viewMode=view

+ PSN-2013-04-911 2013-04 Security Bulletin: Junos: Specially crafted SIP packet can cause the flowd process to crash
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-911&viewMode=view

+ PSN-2013-04-912 2013-04 Security Bulletin: Junos: SIP ALG on SRX Series may allow sessions not permitted by policy which can lead to a DoS
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-912&viewMode=view

+ PSN-2013-04-913 2013-04 Security Bulletin: Junos: Kernel crash while processing certain types of ARP packets
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-913&viewMode=view

+ PSN-2013-04-914 2013-04 Security Bulletin: Junos: J-Web Sajax remote code execution
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-914&viewMode=view

+ PSN-2013-04-915 2013-04 Security Bulletin: Junos: MBUF exhaustion with IPv6 egress filter on the loopback interface
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-915&viewMode=view

+ PSN-2013-04-916 2013-04 Security Bulletin: Junos: Ethernet traffic with invalid Ether-Type can trigger protocol packet drops on Ichip-based FPCs/DPCs
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-916&viewMode=view

+ PSN-2013-04-917 2013-04 Security Bulletin: Junos: Kernel crash when receiving crafted GRE packet on multicast tunnel interface
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-917&viewMode=view

+ PSN-2013-04-918 2013-04 Security Bulletin: Junos: DNSSEC validation Denial of Service (CVE-2012-3817)
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-04-918&viewMode=view
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

+ Oracle Critical Patch Update Pre-Release Announcement - April 2013
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

+ GCC 4.7.3 released
http://gcc.gnu.org/gcc-4.7/

+ PHP 5.4.14 and PHP 5.3.24 released!
http://php.net/ChangeLog-5.php

+ Sudo 1.8.6p8 released
http://www.sudo.ws/sudo/stable.html#1.8.6p8

phpMyAdmin at GSoC 2013
http://sourceforge.net/p/phpmyadmin/news/2013/04/phpmyadmin-at-gsoc-2013/

記者の眼
改めて感じる個人情報／プライバシー保護意識の大きな落差
http://itpro.nikkeibp.co.jp/article/Watcher/20130410/470035/?ST=security

コムスクエア、エージェントレス監視ソフトのPing限定版を無償提供
http://itpro.nikkeibp.co.jp/article/NEWS/20130411/470261/?ST=security

IRSは令状無しで電子メールを閲覧している---米人権団体が抗議
http://itpro.nikkeibp.co.jp/article/NEWS/20130411/470203/?ST=security

再開直後に再び不正ログイン被害、NTT東日本フレッツ光会員サイト
http://itpro.nikkeibp.co.jp/article/NEWS/20130411/470141/?ST=security

JVNVU#94324985 Plesk Panel に権限昇格の脆弱性
http://jvn.jp/cert/JVNVU94324985/index.html

JVNTA13-100A Microsoft 製品の複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA13-100A/index.html

JVN#65034198 Sleipnir for Windows におけるアドレスバー偽装の脆弱性
http://jvn.jp/jp/JVN65034198/index.html