Thursday, October 16, 2014

The 16th, Thursday, Senshō

+ Red Hat Enterprise Linux 6.6 Now Generally Available
http://www.redhat.com/en/about/press-releases/red-hat-enterprise-linux-66-now-generally-available
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/6.6_Release_Notes/index.html

+ Microsoft Security Advisory 3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure
https://technet.microsoft.com/ja-jp/library/security/3009008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ Win32 OpenSSL 1.0.1j released
http://slproweb.com/products/Win32OpenSSL.html

+ RHSA-2014:1620 Important: java-1.7.0-openjdk security and bug fix update
https://rhn.redhat.com/errata/RHSA-2014-1620.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6517
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6558

+ RHSA-2014:1647 Important: thunderbird security update
https://rhn.redhat.com/errata/RHSA-2014-1647.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581

+ Opera 25 released
http://www.opera.com/docs/changelogs/unified/2500/

+ CESA-2014:1635 Critical CentOS 5 firefox Security Update
http://lwn.net/Alerts/616247/

+ CESA-2014:1635 Critical CentOS 7 firefox Security Update
http://lwn.net/Alerts/616248/

+ CESA-2014:1634 Important CentOS 5 java-1.6.0-openjdk Security Update
http://lwn.net/Alerts/616249/

+ CESA-2014:1634 Important CentOS 7 java-1.6.0-openjdk Security Update
http://lwn.net/Alerts/616250/

+ CESA-2014:1633 Important CentOS 5 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/616251/

+ CESA-2014:1620 Important CentOS 7 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/616252/

+ UPDATE: GNU Bash Environment Variable Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

+ SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ Cisco TelePresence MCU Software Memory Exhaustion Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3397

+ Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3369
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3370

+ Check Point response to the POODLE Bites vulnerability (CVE-2014-3566)
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102989&src=securityAlerts

+ Linux kernel 3.17.1, 3.16.6, 3.14.22, 3.10.58 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.1
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.6
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.22
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.58

+ OpenSSL 1.0.1j, 1.0.0o, 0.9.8zc released
http://www.openssl.org/news/
http://www.openssl.org/news/openssl-1.0.1-notes.html
http://www.openssl.org/news/openssl-1.0.0-notes.html
http://www.openssl.org/news/openssl-0.9.8-notes.html

+ OpenSSL Security Advisory [15 Oct 2014]
http://www.openssl.org/news/secadv_20141015.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568

+ OpenSSL 'no-ssl3' Build Option Fails to Prevent SSL 3.0 Handshakes
http://www.securitytracker.com/id/1031053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568

+ OpenSSL SRTP and Session Ticket Memory Leaks Let Remote Users Deny Service
http://www.securitytracker.com/id/1031052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567

+ OpenSSL SSL 3.0 Protocol Downgrade Flaw Lets Remote Users Decrypt SSL Traffic
http://www.securitytracker.com/id/1031029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ LOCAL: Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation
http://www.exploit-db.com/exploits/34982

+ SSL 3.0 fallback Design Vulnerability
http://cxsecurity.com/issue/WLB-2014100089

+ OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
http://www.securityfocus.com/bid/70574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

Apple Hot Topics
iOS 8 In-Depth Review [3]: In the End, What Did Apple Want to Change?
http://itpro.nikkeibp.co.jp/atcl/column/14/555665/101400009/?ST=security

Dangerous vulnerabilities in IE and Windows; exploitation in zero-day attacks also confirmed
http://itpro.nikkeibp.co.jp/atcl/news/14/101501393/?ST=security
