2014年2月26日水曜日

26日 水曜日、先負

+ RHSA-2014:0211 Important: postgresql84 and postgresql security update
http://rhn.redhat.com/errata/RHSA-2014-0211.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066

+ Selenium Server 2.40.0 released
http://code.google.com/p/selenium/wiki/Grid2

+ Selenium IE Driver Server 2.40.0 released
http://selenium.googlecode.com/git/cpp/iedriverserver/CHANGELOG

+ Selenium Client & WebDriver 2.40.0 released
http://selenium.googlecode.com/git/java/CHANGELOG

+ CESA-2014:X007 Moderate Xen4CentOS xen Security Update
http://lwn.net/Alerts/588238/

+ CESA-2014:0206 Moderate CentOS 5 openldap Update
http://lwn.net/Alerts/588237/

+ HPSBMU02966 rev.1 - HP Operations Orchestration, Unauthorized Access to Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04125866-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071

+ HPSBMU02971 rev.1 - HP Application Information Optimizer, Remote Execution of Code, Information Disclosure
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04140965-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6204

+ HPSBST02955 rev.1 - HP XP P9000 Performance Advisor Software, 3rd party Software Security - Apache Tomcat and Oracle Updates
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04047415-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0363
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0366
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232

+ HPSBST02937 rev.1 - HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager, Remote Execution of Arbitrary Code
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03995204-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4841

+ CVE-2013-0900 Race Conditions vulnerability in ICU
https://blogs.oracle.com/sunsecurity/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900

+ CVE-2013-5745 Input Validation vulnerability in Vino
https://blogs.oracle.com/sunsecurity/entry/cve_2013_5745_input_validation
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745

+ CVE-2008-0386 Improper Input Validation vulnerability in Xdg-utils
https://blogs.oracle.com/sunsecurity/entry/cve_2008_0386_improper_input
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386

+ CVE-2014-0591 Buffer Errors vulnerability in Bind
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0591_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591

+ CVE-2013-6462 Buffer Errors vulnerability in X.Org
https://blogs.oracle.com/sunsecurity/entry/cve_2013_6462_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462

+ CVE-2013-2561 Link Following vulnerability in OpenFabrics ibutils
https://blogs.oracle.com/sunsecurity/entry/cve_2013_2561_link_following
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2561

+ Multiple vulnerabilities in Wireshark
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark9
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7114

+ CVE-2014-0397 Buffer Errors vulnerability in libXtsol
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0397_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0397

+ CVE-2013-4408 Buffer Errors vulnerability in Samba
https://blogs.oracle.com/sunsecurity/entry/cve_2013_4408_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408

+ CVE-2012-6150 Input Validation vulnerability in Samba
https://blogs.oracle.com/sunsecurity/entry/cve_2012_6150_input_validation
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150

+ CVE-2006-4810 Buffer overflow vulnerability in Texinfo
https://blogs.oracle.com/sunsecurity/entry/cve_2006_4810_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810

+ VU#684412 libpng denial-of-service vulnerability
http://www.kb.cert.org/vuls/id/684412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0333

+ SA57114 McAfee ePolicy Orchestrator XML External Entities Vulnerability
http://secunia.com/advisories/57114/

+ Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
http://www.securityfocus.com/bid/65773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286

+ Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
http://www.securityfocus.com/bid/65769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033

+ Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
http://www.securityfocus.com/bid/65768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590

Trend Micro Email Reputation Services の障害について
http://app.trendmicro.co.jp/support/news.asp?id=2083

ウイルスバスタービジネスセキュリティサービス 緊急メンテナンスのお知らせ
http://app.trendmicro.co.jp/support/news.asp?id=2082

2月に発見されたゼロデイ攻撃は大統領の日を狙ったもの、ファイア・アイが説明
http://itpro.nikkeibp.co.jp/article/NEWS/20140226/539182/?ST=security

標的型メールの訓練キットを強化、ショートカット攻撃を再現可能に
http://itpro.nikkeibp.co.jp/article/NEWS/20140225/539054/?ST=security

今さら聞けない! ソーシャルメディアの落とし穴
http://itpro.nikkeibp.co.jp/article/COLUMN/20131121/519670/?ST=security

日本を守る「七人の侍」
http://itpro.nikkeibp.co.jp/article/COLUMN/20131115/518333/?ST=security

ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)