Wednesday, March 19, 2014

Wednesday the 19th, Tomobiki

+ RHSA-2014:0310 Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2014-0310.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1514

+ Mozilla Firefox 28 released
http://www.mozilla.jp/firefox/28.0/releasenotes/

+ Mozilla Thunderbird 24.3.0 released
http://www.mozilla.jp/thunderbird/24.4.0/releasenotes/

+ MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering
http://www.mozilla.org/security/announce/2014/mfsa2014-32.html

+ MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects
http://www.mozilla.org/security/announce/2014/mfsa2014-31.html

+ MFSA 2014-30 Use-after-free in TypeObject
http://www.mozilla.org/security/announce/2014/mfsa2014-30.html

+ MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs
http://www.mozilla.org/security/announce/2014/mfsa2014-29.html

+ MFSA 2014-28 SVG filters information disclosure through feDisplacementMap
http://www.mozilla.org/security/announce/2014/mfsa2014-28.html

+ MFSA 2014-27 Memory corruption in Cairo during PDF font rendering
http://www.mozilla.org/security/announce/2014/mfsa2014-27.html

+ MFSA 2014-26 Information disclosure through polygon rendering in MathML
http://www.mozilla.org/security/announce/2014/mfsa2014-26.html

+ MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape
http://www.mozilla.org/security/announce/2014/mfsa2014-25.html

+ MFSA 2014-24 Android Crash Reporter open to manipulation
http://www.mozilla.org/security/announce/2014/mfsa2014-24.html

+ MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore
http://www.mozilla.org/security/announce/2014/mfsa2014-23.html

+ MFSA 2014-22 WebGL content injection from one domain to rendering in another
http://www.mozilla.org/security/announce/2014/mfsa2014-22.html

+ MFSA 2014-21 Local file access via Open Link in new tab
http://www.mozilla.org/security/announce/2014/mfsa2014-21.html

+ MFSA 2014-20 onbeforeunload and Javascript navigation DOS
http://www.mozilla.org/security/announce/2014/mfsa2014-20.html

+ MFSA 2014-19 Spoofing attack on WebRTC permission prompt
http://www.mozilla.org/security/announce/2014/mfsa2014-19.html

+ MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key
http://www.mozilla.org/security/announce/2014/mfsa2014-18.html

+ MFSA 2014-17 Out of bounds read during WAV file decoding
http://www.mozilla.org/security/announce/2014/mfsa2014-17.html

+ MFSA 2014-16 Files extracted during updates are not always read only
http://www.mozilla.org/security/announce/2014/mfsa2014-16.html

+ MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
http://www.mozilla.org/security/announce/2014/mfsa2014-15.html

+ CESA-2014:0304 Important CentOS 6 mutt Update
http://lwn.net/Alerts/590965/

+ CESA-2014:0306 Moderate ruby193-rubygem-actionpack SCL Security Update
http://lwn.net/Alerts/590966/

+ CESA-2014:0305 Moderate CentOS 5 samba Update
http://lwn.net/Alerts/590967/

+ UPDATE: HPSBNS02969 rev.2 - HP NonStop Servers running Java 7, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04126444-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ RHSA-2014:0311 Critical: php security update
http://rhn.redhat.com/errata/RHSA-2014-0311.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689

+ Apache HTTPD 2.2.27 released
http://www.apache.org/dist/httpd/CHANGES_2.2.27

+ Java SE 8 Released
http://www.oracle.com/technetwork/java/javase/8train-relnotes-latest-2153846.html

+ Apache mod_dav and mod_log_config Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1029926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098

+ OpenSSH AcceptEnv Wildcard Processing Flaw May Let Remote Authenticated Users Bypass Environment Restrictions
http://www.securitytracker.com/id/1029925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532

+ Samba smbcacls Command Error May Let Remote Users Bypass Access Controls
http://www.securitytracker.com/id/1029922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442

+ SA57446 Linux Kernel DCCP Packets Handling Memory Corruption Vulnerabilities
http://secunia.com/advisories/57446/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523

+ SA57349 PHP "gdImageCreateFromXpm()" NULL Pointer Dereference Vulnerability
http://secunia.com/advisories/57349/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497

+ Linux Kernel Multiple Function Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/66279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523

Check Point response to "Bypassing Application Control"
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk98851&src=securityAlerts

Notice of temporary suspension of release: InterScan Web Security Suite 5.6 for Linux Service Pack 1 (Build 1062)
http://app.trendmicro.co.jp/support/news.asp?id=2097

Notice of release: network virus scan engine for Network VirusWall Enforcer versions 2.0/3.x
http://app.trendmicro.co.jp/support/news.asp?id=2092

JVNDB-2014-000029 Vulnerability in sp-mode mail that allows Java methods to be executed
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000029.html

JVNDB-2014-000028 Issue in sp-mode mail concerning access to mail being composed
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000028.html

JVNDB-2014-000027 Issue in sp-mode mail concerning access to attachments of received mail
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000027.html

10 Major Information Security Threats, 2014 edition
http://www.ipa.go.jp/security/vuln/10threats2014.html

US company openly launches smartphone with spyware preinstalled
http://itpro.nikkeibp.co.jp/article/NEWS/20140318/544444/?ST=security

Government holds large-scale cyberattack drill; 100 participants from all ministries and agencies
http://itpro.nikkeibp.co.jp/article/NEWS/20140318/544422/?ST=security
