2014年7月17日木曜日

17日 木曜日、友引

+ RHSA-2014:0890 Important: java-1.7.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2014-0890.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266

+ RHSA-2014:0889 Critical: java-1.7.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2014-0889.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266

+ RHSA-2014:0678 Important: kernel security updat
https://access.redhat.com/errata/RHSA-2014:0678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0196

+ RHSA-2014:0861 Moderate: lzo security update
https://access.redhat.com/errata/RHSA-2014:0861

+ RHSA-2014:0741 Critical: firefox security updat
https://access.redhat.com/errata/RHSA-2014:0741

+ RHSA-2014:0867 Moderate: samba security update
https://access.redhat.com/errata/RHSA-2014:0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493

+ RHSA-2014:0702 Moderate: mariadb security update
https://access.redhat.com/errata/RHSA-2014:0702

+ RHSA-2014:0786 Important: kernel security, bug fix, and enhancement updat
https://access.redhat.com/errata/RHSA-2014:0786

+ RHSA-2014:0827 Moderate: tomcat security update
https://access.redhat.com/errata/RHSA-2014:0827

+ RHSA-2014:0685 Important: java-1.6.0-openjdk security update
https://access.redhat.com/errata/RHSA-2014:0685

+ RHSA-2014:0675 Critical: java-1.7.0-openjdk security update
https://access.redhat.com/errata/RHSA-2014:0675

+ RHSA-2014:0889 Critical: java-1.7.0-openjdk security update
https://access.redhat.com/errata/RHSA-2014:0889

+ RHSA-2014:0679 Important: openssl security update
https://access.redhat.com/errata/RHSA-2014:0679

+ RHSA-2014:0704 Moderate: qemu-kvm security and bug fix updat
https://access.redhat.com/errata/RHSA-2014:0704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894

+ RHSA-2014:0703 Moderate: json-c security update
https://access.redhat.com/errata/RHSA-2014:0703

+ RHSA-2014:0820 Important: docker security update
https://access.redhat.com/errata/RHSA-2014:0820

+ RHSA-2014:0687 Moderate: libtasn1 security updat
https://access.redhat.com/errata/RHSA-2014:0687

+ RHSA-2014:0686 Important: tomcat security updat
https://access.redhat.com/errata/RHSA-2014:0686

+ RHSA-2014:0684 Important: gnutls security update
https://access.redhat.com/errata/RHSA-2014:0684

+ RHSA-2014:0790 Moderate: dovecot security updat
https://access.redhat.com/errata/RHSA-2014:0790

+ RHSA-2014:0680 Important: openssl098e security update
https://access.redhat.com/errata/RHSA-2014:0680

+ RHSA-2014:0705 Critical: java-1.7.1-ibm security update
https://access.redhat.com/errata/RHSA-2014:0705

+ Google Chrome 36.0.1985.125 released
http://googlechromereleases.blogspot.jp/2014/07/stable-channel-update.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3162

+ CESA-2014:0889 Critical CentOS 6 java-1.7.0-openjdk Update
http://lwn.net/Alerts/605611/

+ CESA-2014:0890 Important CentOS 5 java-1.7.0-openjdk Update
http://lwn.net/Alerts/605612/

+ CESA-2014:0889 Critical CentOS 7 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/605613/

+ Cisco Wireless Residential Gateway Remote Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ciscosa-20140716-cm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3306

+ HPSBMU03072 SSRT101644 rev.2 - HP Data Protector, Remote Execution of Arbitrary Code
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04373818-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2623

+ GCC 4.9.1 released
https://gcc.gnu.org/gcc-4.9/

+ Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation
http://cxsecurity.com/issue/WLB-2014070084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2477

+ Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/68678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

+ Google Chrome Prior to 36.0.1985.122 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/68677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3162

JVNDB-2014-000079 多機能メールフォームフリーにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000079.html

チェックしておきたい脆弱性情報<2014.07.17>
http://itpro.nikkeibp.co.jp/atcl/column/14/268561/071400004/?ST=security

世界のセキュリティ・ラボから日経コミュニケーション
「Android L」はパスワード不要になる?
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/071400001/?ST=security

【実例で解き明かす、標的型サイバー攻撃の危険度】
攻撃者の内部活動を「可視化」、挙動を監視しその相関を見抜く
http://itpro.nikkeibp.co.jp/article/COLUMN/20140701/567915/?ST=security

「サイバーセキュリティは日本の城と同じ」、ガートナーの礒田氏
http://itpro.nikkeibp.co.jp/atcl/news/14/071600088/?ST=security

スナップショットの誤消去が42%、アイティフォーがデータ復旧の実態を報告
http://itpro.nikkeibp.co.jp/atcl/news/14/071600079/?ST=security

Google、ゼロデイ攻撃撲滅に取り組む「Project Zero」チームを発足へ
http://itpro.nikkeibp.co.jp/atcl/news/14/071600076/?ST=security

JVN#41028866 多機能メールフォームフリーにおけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN41028866/

REMOTE: Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability
http://www.exploit-db.com/exploits/34088

DoS/PoC: Node Browserify 4.2.0 - Remote Code Execution Vulnerability
http://www.exploit-db.com/exploits/34090

0 件のコメント:

コメントを投稿