Wednesday, December 16, 2015

Wednesday the 16th, Butsumetsu

+ RHSA-2015:2636 Important: kernel security and bug fix update
https://rhn.redhat.com/errata/RHSA-2015-2636.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104

+ RHSA-2015:2623 Moderate: grub2 security and bug fix update
https://rhn.redhat.com/errata/RHSA-2015-2623.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370

+ TortoiseSVN 1.9.3 released
https://tortoisesvn.net/tsvn_1.9_releasenotes.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5343

+ Google Chrome 47.0.2526.106 released
http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_15.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6792

+ Mozilla Firefox 43.0 released
https://www.mozilla.org/en-US/firefox/43.0/releasenotes/

+ MFSA 2015-149 Cross-site reading attack through data and view-source URIs
https://www.mozilla.org/en-US/security/advisories/mfsa2015-149/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7214

+ MFSA 2015-148 Privilege escalation vulnerabilities in WebExtension APIs
https://www.mozilla.org/en-US/security/advisories/mfsa2015-148/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7223

+ MFSA 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
https://www.mozilla.org/en-US/security/advisories/mfsa2015-147/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7222

+ MFSA 2015-146 Integer overflow in MP4 playback in 64-bit versions
https://www.mozilla.org/en-US/security/advisories/mfsa2015-146/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7213

+ MFSA 2015-145 Underflow through code inspection
https://www.mozilla.org/en-US/security/advisories/mfsa2015-145/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7205

+ MFSA 2015-144 Buffer overflows found through code inspection
https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7221

+ MFSA 2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library
https://www.mozilla.org/en-US/security/advisories/mfsa2015-143/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7217

+ MFSA 2015-142 DOS due to malformed frames in HTTP/2
https://www.mozilla.org/en-US/security/advisories/mfsa2015-142/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7219

+ MFSA 2015-141 Hash in data URI is incorrectly parsed
https://www.mozilla.org/en-US/security/advisories/mfsa2015-141/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7211

+ MFSA 2015-140 Cross-origin information leak through web workers error events
https://www.mozilla.org/en-US/security/advisories/mfsa2015-140/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7215

+ MFSA 2015-139 Integer overflow allocating extremely large textures
https://www.mozilla.org/en-US/security/advisories/mfsa2015-139/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7212

+ MFSA 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
https://www.mozilla.org/en-US/security/advisories/mfsa2015-138/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7210

+ MFSA 2015-137 Firefox allows for control characters to be set in cookies
https://www.mozilla.org/en-US/security/advisories/mfsa2015-137/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7208

+ MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation
https://www.mozilla.org/en-US/security/advisories/mfsa2015-136/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7207

+ MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects
https://www.mozilla.org/en-US/security/advisories/mfsa2015-135/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7204

+ MFSA 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7201
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7202

+ CESA-2015:2616 Moderate CentOS 5 openssl Security Update
http://lwn.net/Alerts/667898/

+ CESA-2015:2617 Moderate CentOS 7 openssl Security Update
http://lwn.net/Alerts/667901/

+ CESA-2015:2619 Moderate CentOS 7 libreoffice Security Update
http://lwn.net/Alerts/667897/

+ CESA-2015:2617 Moderate CentOS 6 openssl Security Update
http://lwn.net/Alerts/667899/

+ CESA-2015:2619 Moderate CentOS 6 libreoffice Security Update
http://lwn.net/Alerts/667896/

+ BIND 9.10.3-P2, 9.9.8-P2 released
ftp://ftp.isc.org/isc/bind9/9.10.3-P2/RELEASE-NOTES-9.10.3-P2.html
ftp://ftp.isc.org/isc/bind9/9.9.8-P2/RELEASE-NOTES-9.9.8-P2.html

+ CVE-2015-8461: A race condition when handling socket errors can lead to an assertion failure in resolver.c
https://kb.isc.org/article/AA-01319
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461

+ CVE-2015-8000: Responses with a malformed class attribute can trigger an assertion failure in db.c
https://kb.isc.org/article/AA-01317
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000

+ Cisco Unified Communications Manager Web Applications Identity Management Subsystem Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151215-ucmim
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6425

+ UPDATE: Cisco IOS XE Software IPv6 Neighbor Discovery Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151214-ios

+ UPDATE: Vulnerability in Java Deserialization Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization

+ Linux kernel 4.3.3, 4.2.8, 4.1.15 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.8
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.15

+ CentOS 7 (1511) released
https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7

+ UPDATE: JVNVU#97526033 Updates for vulnerabilities in multiple Apple products
http://jvn.jp/vu/JVNVU97526033/index.html

+ BIND Socket Error Processing Bug Lets Remote Users Cause the Target Service to Crash
http://www.securitytracker.com/id/1034419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461

+ BIND Class Attribute Parsing Error Lets Remote Users Cause the Target named Service to Crash
http://www.securitytracker.com/id/1034418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000

Keywords of Interest
Security keywords to understand in light of the latest developments: "Targeted attacks"
http://itpro.nikkeibp.co.jp/atcl/column/15/121400285/121400002/?ST=security

FinTech Standard-Bearers
"Becoming the bank whose door startups knock on first": an interview with Mr. Abe of Mizuho Financial Group
http://itpro.nikkeibp.co.jp/atcl/column/15/121000283/121000004/?ST=security

Reporter's Eye
Can local governments protect My Number from cyberattacks?
http://itpro.nikkeibp.co.jp/atcl/watcher/14/334361/121400442/?ST=security

"Update IE to the latest version by January 12," IPA warns
http://itpro.nikkeibp.co.jp/atcl/news/15/121504079/?ST=security

Twitter warns that users may have been targeted by state-sponsored cyberattacks
http://itpro.nikkeibp.co.jp/atcl/news/15/121504074/?ST=security
