:: IT Security Neophyte Investigator's MEMO ::: 23日金曜日、先勝

2015年10月23日金曜日

23日金曜日、先勝

+ RHSA-2015:1921 Important: java-1.7.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2015-1921.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

+ RHSA-2015:1924 Important: qemu-kvm security update
https://rhn.redhat.com/errata/RHSA-2015-1924.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5279

+ RHSA-2015:1919 Important: java-1.8.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2015-1919.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

+ RHSA-2015:1920 Critical: java-1.7.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2015-1920.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

+ RHSA-2015:1917 Important: libwmf security update
https://rhn.redhat.com/errata/RHSA-2015-1917.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4588
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4696

+ About the security content of OS X Server 5.0.15
https://support.apple.com/ja-jp/HT205376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7031

+ About the security content of iTunes 12.3.1
https://support.apple.com/ja-jp/HT205372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7017

+ About the security content of OS X El Capitan v10.11.1 and Security Update 2015-007
https://support.apple.com/ja-jp/HT205375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5944
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5932
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5943

+ About the security content of Safari 9.0.1
https://support.apple.com/ja-jp/HT205377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7014

+ About the security content of watchOS 2.0.1
https://support.apple.com/ja-jp/HT205378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5916
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6974

+ About the security content of iOS 9.1
https://support.apple.com/ja-jp/HT205370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7014

+ Google Chrome 46.0.2490.80 released
http://googlechromereleases.blogspot.jp/2015/10/stable-channel-update_22.html

+ Mozilla Firefox 41.0.2 released
https://www.mozilla.org/en-US/firefox/41.0.2/releasenotes/

MFSA-2015-115 Cross-origin restriction bypass using Fetch
https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/

+ APSB15-27 Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7648

+ CESA-2015:1920 Critical CentOS 7 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/661745/

+ CESA-2015:1919 Important CentOS 7 java-1.8.0-openjdk Security Update
http://lwn.net/Alerts/661747/

+ CESA-2015:1920 Critical CentOS 6 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/661743/

+ CESA-2015:1921 Important CentOS 5 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/661744/

+ CESA-2015:1919 Important CentOS 6 java-1.8.0-openjdk Security Update
http://lwn.net/Alerts/661746/

+ CESA-2015:1917 Important CentOS 7 libwmf Security Update
http://lwn.net/Alerts/661570/

+ CESA-2015:1917 Important CentOS 6 libwmf Security Update
http://lwn.net/Alerts/661569/

+ Wireshark 1.12.8 released
https://www.wireshark.org/docs/relnotes/wireshark-1.12.8.html

+ UPDATE: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150115-asa-dhcp

+ Cisco ASA Software DNS Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns2

+ Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dhcp1

+ Cisco ASA Software DNS Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1

+ Cisco ASA Software VPN ISAKMP Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-ike

+ UPDATE: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl

+ Linux kernel 4.2.4, 4.1.11, 3.14.55, 3.10.91, 3.4.110 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.11
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.55
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.91
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.110

+ Oracle Solaris Third Party Bulletin - October 2015
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

+ Oracle Linux Bulletin - October 2015
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

+ Samba 4.3.1 Available for Download
https://www.samba.org/samba/history/samba-4.3.1.html

+ Oracle Critical Patch Update Advisory - October 2015
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

+ Apache Tomcat 8.0.28, 7.0.65 Released
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt)
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

+ Java SE 8u65 / 8u66 released
http://www.oracle.com/technetwork/java/javase/8u-relnotes-2225394.html

+ NTP 4.2.8p4 released
http://archive.ntp.org/ntp4/ChangeLog-stable

+ Postfix stable release 3.0.3 and legacy releases 2.11.7, 2.10.9, and 2.9.15
http://www.postfix.org/announcements/postfix-3.0.3.html

+ ntp Multiple Flaws Let Remote Users Deny Service, View Files, and Bypass Authentication to Modify the Time
http://www.securitytracker.com/id/1033951
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871

+ Linux Kernel PPP Device Driver Bug Lets Local Users Cause Denial of Service Conditions on the Target System
http://www.securitytracker.com/id/1033809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7799

+ Linux Kernel SCTP Initialization Race Condition Lets Local Users Cause Denial of Service Conditions on the Target System
http://www.securitytracker.com/id/1033808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5283

+ Safari 9.0 (11601.1.56) file prefix crash in HashTable
https://cxsecurity.com/issue/WLB-2015100138

+ Adobe Flash Type Confusion IExternalizable When Performing Local Serialization
https://cxsecurity.com/issue/WLB-2015100136

pgFormatter 1.5 released
http://www.postgresql.org/about/news/1622/

Ora2Pg 16 released
http://www.postgresql.org/about/news/1620/

+ MySQL 5.7.9 released
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-9.html

+ Tcl/Tk 8.6.4 released
http://www.tcl.tk/software/tcltk/8.6.html

JVNDB-2015-000160 アバストにおけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000160.html

JVNDB-2015-000162 Android アプリ AirDroid における暗黙的 Intent の扱いに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000162.html

JVNDB-2015-000126 eXtplorer におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000126.html

JVNDB-2015-000159 iOS 版 Party Track SDK におけるサーバ証明書の検証不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000159.html

TEDがNRIセキュアと組んでWAF「BIG-IP ASM」の運用監視サービスを提供
http://itpro.nikkeibp.co.jp/atcl/news/15/102303493/?ST=security

キヤノンITソリューションズ、デスクトップLinux用ウイルス対策ソフト
http://itpro.nikkeibp.co.jp/atcl/news/15/102203490/?ST=security

トレンドマイクロ、HPから事業買収に驚き
http://itpro.nikkeibp.co.jp/atcl/column/14/509445/102200343/?ST=security

トレンドマイクロ、HPの侵入防止システム事業を約3億ドルで買収へ
http://itpro.nikkeibp.co.jp/atcl/news/15/102203482/?ST=security

［迷惑ソフト編］いつの間に？効果はある？不要なら削除
http://itpro.nikkeibp.co.jp/atcl/column/15/101500244/101500004/?ST=security

フォーティネット、無線LANアクセスポイントにUTM機能を搭載
http://itpro.nikkeibp.co.jp/atcl/news/15/102003443/?ST=security

米中首脳会談後も米企業にサイバー攻撃、米セキュリティ会社が報告
http://itpro.nikkeibp.co.jp/atcl/news/15/102003436/?ST=security

JVNVU#92655282 複数の Apple 製品の脆弱性に対するアップデート
http://jvn.jp/vu/JVNVU92655282/

JVNVU#99671861 UPnP を実装した複数のルータ製品にセキュリティ機能の実装が不十分な問題
http://jvn.jp/vu/JVNVU99671861/

JVNVU#99160787 OpenSSL に証明書チェーンの検証不備の脆弱性
http://jvn.jp/vu/JVNVU99160787/

JVNVU#99430390 Windows NTLM が file:// URL へのリダイレクト時に SMB 接続を行いユーザ認証情報を送信する問題
http://jvn.jp/vu/JVNVU99430390/

JVNVU#95877131 OpenSSL に複数の脆弱性
http://jvn.jp/vu/JVNVU95877131/

VU#840844 HP Photosmart B210 printer SMB server buffer overflow vulnerability
http://www.kb.cert.org/vuls/id/840844

VU#966927 HP Client Automation and Radia Client Automation is vulnerable to remote code execution
http://www.kb.cert.org/vuls/id/966927

VU#935424 Virtual Machine Monitors (VMM) contain a memory deduplication vulnerability
http://www.kb.cert.org/vuls/id/935424

VU#675052 Medicomp MEDCIN Engine contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/675052

VU#842252 HP ArcSight Logger contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/842252

VU#943167 Voice over LTE implementations contain multiple vulnerabilities
http://www.kb.cert.org/vuls/id/943167

:: IT Security Neophyte Investigator's MEMO ::

2015年10月23日金曜日

23日金曜日、先勝

0 件のコメント:

コメントを投稿

2015年10月23日金曜日

23日 金曜日、先勝

0 件のコメント:

コメントを投稿

23日金曜日、先勝