2016年1月25日月曜日

25日 月曜日、先負

+ CESA-2016:0053 Critical CentOS 6 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/672969/

+ CESA-2016:0054 Important CentOS 7 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/672971/

+ CESA-2016:0049 Critical CentOS 7 java-1.8.0-openjdk Security Update
http://lwn.net/Alerts/672972/

+ CESA-2016:0050 Important CentOS 6 java-1.8.0-openjdk Security Update
http://lwn.net/Alerts/672973/

+ CESA-2016:0054 Important CentOS 5 java-1.7.0-openjdk Security Update
http://lwn.net/Alerts/672970/

+ UPDATE: Cisco Adaptive Security Appliance Information Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa

+ UPDATE: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm

+ Linux kernel 4.3.4, 4.1.16, 3.14.59, 3.10.95, 3.2.76 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.16
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.59
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.95
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.76

+ HS16-002 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS16-002/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1829

+ HS16-001 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS16-001/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808

+ HS16-002 Cosminexus HTTP Server, Hitachi Web Serverにおける脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS16-002/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1829

+ HS16-001 Cosminexus HTTP Server, Hitachi Web Serverにおける脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS16-001/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808

+ Google Chrome Multiple Bugs Let Remote Users Obtain Information, Bypass Security Restrictions, Spoof URLs, and Execute Arbitrary Code
http://www.securitytracker.com/id/1034801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1614
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1616
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1617
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1618
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1620

+ Rsync Symlink Path Validation Flaw Lets Remote Users Write Files on the Target System
http://www.securitytracker.com/id/1034786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9512

+ ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
http://www.securitytracker.com/id/1034782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158

+ PHP 5.6.10 Buffer overflow and stack smashing error in phar_fix_filepath
https://cxsecurity.com/issue/WLB-2016010158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5590

JVNDB-2016-000006 バッファロー製の複数のネットワーク機器におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000006.html

JVNDB-2016-000005 バッファロー製の複数のネットワーク機器におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000005.html

JVNVU#992624 Harman AMX 製品がハードコードされたパスワードを使用する問題
http://jvn.jp/vu/JVNVU992624/

トレンドマイクロ、「auスマートパス」でパスワード管理アプリを提供
http://itpro.nikkeibp.co.jp/atcl/news/16/012200220/?ST=security

政府が「サイバーセキュリティ月間」の概要発表、『攻殻機動隊』とタイアップ
http://itpro.nikkeibp.co.jp/atcl/news/16/012200215/?ST=security

0 件のコメント:

コメントを投稿