Thursday, September 11, 2014

Thursday the 11th, Senshō

+ RHSA-2014:1172 Important: procmail security update
https://rhn.redhat.com/errata/RHSA-2014-1172.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618

+ RHSA-2014:1172 Important: procmail security update
https://access.redhat.com/errata/RHSA-2014:1172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618

+ CESA-2014:1172 Important CentOS 7 procmail Security Update
http://lwn.net/Alerts/611424/

+ CESA-2014:1172 Important CentOS 6 procmail Security Update
http://lwn.net/Alerts/611422/

+ CESA-2014:1172 Important CentOS 5 procmail Security Update
http://lwn.net/Alerts/611423/

+ CESA-2014:1167 Important CentOS 6 kernel Security Update
http://lwn.net/Alerts/611421/

+ Thunderbird 31.1.1 released
https://www.mozilla.org/en-US/thunderbird/31.1.1/releasenotes/

+ UPDATE: HPSBGN03099 rev.2 - HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04424322-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ curl and libcurl 7.38.0 released
http://curl.haxx.se/changes.html#7_38_0
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620

+ Apache Tomcat Bug Lets Remote Users Upload and Execute Arbitrary Code in Certain Cases
http://www.securitytracker.com/id/1030834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444

+ Apache Tomcat 7.0.39 Remote Code Execution
http://cxsecurity.com/issue/WLB-2014090051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444

+ SA61026 cURL / libcURL Cookie Handling Two Security Issues
http://secunia.com/advisories/61026/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620

+ Linux Kernel 'netdevice.h' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/69721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3535

+ Linux Kernel CVE-2014-0205 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/69725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0205

+ Squid 'snmpHandleUdp()' Function Off-By-One Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/69686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6270

+ Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/69728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444

JVNVU#98509080 Multiple vulnerabilities in UEFI EDK2 Capsule Update processing
http://jvn.jp/vu/JVNVU98509080/

News & Trend
[Follow-up] Are Benesse's recurrence-prevention measures an orthodox approach or an unconventional ploy?
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/091000052/?ST=security

Benesse leak affects 48 million people, 40% of Japan's total population; 500-yen vouchers to be distributed to each household
http://itpro.nikkeibp.co.jp/atcl/news/14/091000822/?ST=security

Benesse and LAC to establish joint venture; in response to the incident, "aiming for one of the world's leading structures"
http://itpro.nikkeibp.co.jp/atcl/news/14/091000821/?ST=security

10% of database administrators say they "might sell information"
http://itpro.nikkeibp.co.jp/atcl/news/14/091000820/?ST=security

Compact appliance for agentless monitoring of information leaks, the fourth in Comsquare's special-purpose series
http://itpro.nikkeibp.co.jp/atcl/news/14/091000817/?ST=security

37 vulnerabilities in IE; zero-day attacks confirmed for one of them
http://itpro.nikkeibp.co.jp/atcl/news/14/091000816/?ST=security

VU#241508 CacheGuard OS contains a cross-site request forgery vulnerability
http://www.kb.cert.org/vuls/id/241508
