+ Mozilla Firefox 39.0 released
https://www.mozilla.org/en-US/firefox/39.0/releasenotes/
+ MFSA 2015-71 NSS incorrectly permits skipping of ServerKeyExchange
https://www.mozilla.org/en-US/security/advisories/mfsa2015-71/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721
+ MFSA 2015-70 NSS accepts export-length DHE keys with regular DHE cipher suites
https://www.mozilla.org/en-US/security/advisories/mfsa2015-70/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
+ MFSA 2015-69 Privilege escalation in PDF.js
https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743
+ MFSA 2015-68 OS X crash reports may contain entered key press information
https://www.mozilla.org/en-US/security/advisories/mfsa2015-68/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2742
+ MFSA 2015-67 Key pinning is ignored when overridable errors are encountered
https://www.mozilla.org/en-US/security/advisories/mfsa2015-67/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2741
+ MFSA 2015-66 Vulnerabilities found through code inspection
https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740
+ MFSA 2015-65 Use-after-free in workers while using XMLHttpRequest
https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2733
+ MFSA 2015-64 ECDSA signature validation fails to handle some signatures correctly
https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730
+ MFSA 2015-63 Use-after-free in Content Policy due to microtask execution error
https://www.mozilla.org/en-US/security/advisories/mfsa2015-63/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731
+ MFSA 2015-62 Out-of-bound read while computing an oscillator rendering range in Web Audio
https://www.mozilla.org/en-US/security/advisories/mfsa2015-62/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2729
+ MFSA 2015-61 Type confusion in Indexed Database Manager
https://www.mozilla.org/en-US/security/advisories/mfsa2015-61/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728
+ MFSA 2015-60 Local files or privileged URLs in pages can be opened into new tabs
https://www.mozilla.org/en-US/security/advisories/mfsa2015-60/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2727
+ MFSA 2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2726
+ CESA-2015:1197 Moderate CentOS 5 openssl Security Update
http://lwn.net/Alerts/650036/
+ Cisco Unified Communications Domain Manager Default Static Privileged Account Credentials
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150701-cucdm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4196
+ OpenLDAP 2.4.41 released
http://www.openldap.org/software/release/
+ OpenSSH 6.9 released
http://www.openssh.com/txt/release-6.9
+ iTunes 12.2 and QuickTime 7.7.7 (WIN) 3rd libs Vulnerable
http://cxsecurity.com/issue/WLB-2015070008
+ McAfee SiteAdvisor 3.7.2 (firefox) Use After Free
http://cxsecurity.com/issue/WLB-2015070004
FreeBSD Support for Leap Seconds
https://www.freebsd.org/doc/en_US.ISO8859-1/articles/leap-seconds/article.html
PostgreSQL 9.5 Alpha 1 Released
http://www.postgresql.org/about/news/1595/
記者の眼
本当はもっと怖い「標的型攻撃」
http://itpro.nikkeibp.co.jp/atcl/watcher/14/334361/062600308/?ST=security
トレンドマイクロや日本オラクル、NECらIT大手、日本版サイバー事故対応指針を公開
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/070200290/?ST=security
[データは語る]2018年までに大企業の4割が大規模サイバー攻撃へのセキュリティ計画を策定――ガートナー
http://itpro.nikkeibp.co.jp/atcl/news/14/110601779/070200220/?ST=security
0 件のコメント:
コメントを投稿