2015年8月10日月曜日

10日 月曜日、先勝

+ RHSA-2015:1581 Important: firefox security update
https://rhn.redhat.com/errata/RHSA-2015-1581.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4495

+ phpMyAdmin 4.4.13, 4.4.13.1 released
https://www.phpmyadmin.net/files/4.4.13/
https://www.phpmyadmin.net/files/4.4.13.1/

+ UPDATE: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150710-openssl

+ Linux kernel 3.18.20, 3.12.46, 3.2.70 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.20
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.46
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.70

+ PHP 5.6.12, 5.5.28, 5.4.44 Released
http://www.php.net/ChangeLog-5.php#5.6.12
http://www.php.net/ChangeLog-5.php#5.5.28
http://www.php.net/ChangeLog-5.php#5.4.44

+ Mozilla Firefox PDF Viewer Same-Origin Bypass Lets Remote Users Obtain Potentially Sensitive Information on the Target System
http://www.securitytracker.com/id/1033216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4495

+ Apache Subversion Bugs Let Remote Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1033215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3187

+ Linux md Driver Initialization Flaw Lets Local Users View Portions of System Memory on the Target System
http://www.securitytracker.com/id/1033211
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5697

+ Apache Subversion 1.9.0, 1.8.14, 1.7.21 released
http://svn.haxx.se/dev/archive-2015-08/0026.shtml
http://svn.haxx.se/dev/archive-2015-08/0024.shtml
http://svn.haxx.se/dev/archive-2015-08/0025.shtml

+ PHP 5.6 SplDoublyLinkedList Use-After-Free
http://cxsecurity.com/issue/WLB-2015080042

+ PHP 5.6 SplObjectStorage Use-After-Free
http://cxsecurity.com/issue/WLB-2015080041

+ PHP 5.6 SPL ArrayObject Use-After-Free
http://cxsecurity.com/issue/WLB-2015080040

PostgreSQL FTS for Drupal project started
http://www.postgresql.org/about/news/1605/

Devart Released a new version of dotConnect for PostgreSQL
http://www.postgresql.org/about/news/1603/

JVNDB-2015-000111 Android 版「ヨドバシ」における SSL サーバ証明書の検証不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000111.html

JVNDB-2015-000110 Android 版「ヨドバシ」において任意の Java のメソッドが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000110.html

科学技術振興機構から個人情報最大215人分流出、Flashの脆弱性で
http://itpro.nikkeibp.co.jp/atcl/news/15/080702619/?ST=security

VU#628568 Sierra Wireless GX, ES, and LS gateways running ALEOS contains hard-coded credentials
http://www.kb.cert.org/vuls/id/628568

ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)