9日 火曜日、大安

+ RHSA-2014:1166 Important: jakarta-commons-httpclient security update
https://rhn.redhat.com/errata/RHSA-2014-1166.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3577

+ RHSA-2014:1166 Important: jakarta-commons-httpclient security update
https://access.redhat.com/errata/RHSA-2014:1166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3577

+ RHSA-2014:1144 Critical: firefox security update
https://access.redhat.com/errata/RHSA-2014:1144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567

+ Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3348

+ Java SE 8u20 released
http://www.oracle.com/technetwork/java/javase/8u20-relnotes-2257729.html

+ Samba 4.1.12 Available for Download
http://samba.org/samba/history/samba-4.1.12.html

+ Cisco Unified Computing System E-Series Blade Servers SSH Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1030813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3348

UPDATE: JVNVU#98509080 UEFI EDK2 の Capsule Update 処理に複数の脆弱性
http://jvn.jp/vu/JVNVU98509080/

セレブのヌード画像の偽リンク、ニュージーランドで大規模ネット障害
http://itpro.nikkeibp.co.jp/atcl/news/14/090800765/?ST=security

セレブの画像が流出した「iCloud」、Appleがセキュリティ強化へ
http://itpro.nikkeibp.co.jp/atcl/news/14/090800759/?ST=security

VU#396212 Netgear ProSafe Plus Configuration Utility writes out plaintext passwords to backup configuration files
http://www.kb.cert.org/vuls/id/396212