2015年5月18日月曜日

18日 月曜日、仏滅

+ phpMyAdmin 4.4.7 released
https://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.4.7/phpMyAdmin-4.4.7-notes.html/view

+ Linux kernel 4.0.4, 3.14.43, 3.10.79 released
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.4
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.43
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.79

+ UPDATE: Oracle Solaris Third Party Bulletin - April 2015
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

+ Oracle Security Alert for CVE-2015-3456
http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-345

+ HS15-023 Vulnerability related to JSF in Cominexus
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-023/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4358

+ HS15-022 Information Disclosure Vulnerability in JP1/Integrated Management - Universal CMDB
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-022/index.html

+ HS15-021 Problem with directory permissions in JP1/Automatic Operation
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-021/index.html

+ HS15-023 CosminexusにおけるJSFに関する脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-023/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4358

+ HS15-022 JP1/Integrated Management - Universal CMDBにおける情報漏えいの問題
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-022/index.html

+ HS15-021 JP1/Automatic Operationのディレクトリパーミッションの問題
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-021/index.html

+ Apache log4j 2.3 released
http://logging.apache.org/log4j/2.x/changes-report.html#a2.3

+ Apache Tomcat 7.0.62 Released
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

+ Dovecot 2.2.18 released
http://www.dovecot.org/list/dovecot-news/2015-May/000294.html

+ PHP 5.6.9, 5.5.25, 5.4.41 released
http://www.php.net/ChangeLog-5.php#5.6.9
http://www.php.net/ChangeLog-5.php#5.5.25
http://www.php.net/ChangeLog-5.php#5.4.41

+ JVNDB-2015-000065 Android 版アプリ「Honda Moto LINC」における SSL サーバ証明書の検証不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000065.html

+ UPDATE: JVNVU#95993136 NTP daemon (ntpd) に複数の脆弱性
http://jvn.jp/vu/JVNVU95993136/

+ openssh 6.8p1 heap buffer overflow
http://cxsecurity.com/issue/WLB-2015050105

+ NTP Potential issue in -A option
http://cxsecurity.com/issue/WLB-2015050102

+ SA64245 Linux Kernel User Namespaces MNT_LOCKED Security Bypass Security Issue
http://secunia.com/advisories/64245/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9717

+ SA64576 Hitachi JP1/Integrated Management (IM) UD Probe Data Security Bypass Vulnerability
http://secunia.com/advisories/64576/

+ SA64605 Hitachi Multiple Cosminexus / uCosminexus Products JSF Security Bypass Vulnerability
http://secunia.com/advisories/64605/

+ SA64585 Apache Tomcat Expression Language Security Bypass Vulnerability
http://secunia.com/advisories/64585/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810

+ SA64604 Hitachi JP1/Automatic Operation Transfer Directory Security Bypass Security Issue
http://secunia.com/advisories/64604/

ITproまとめ
SIEM
http://itpro.nikkeibp.co.jp/atcl/column/14/494329/051400097/?ST=security

0 件のコメント:

コメントを投稿