+ Android-x86 4.4-r4 (KitKat-x86) released
http://www.android-x86.org/releases/releasenote-4-4-r4
+ RHSA-2016:0063 Important: ntp security update
https://rhn.redhat.com/errata/RHSA-2016-0063.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
+ RHSA-2016:0064 Important: kernel security update
https://rhn.redhat.com/errata/RHSA-2016-0064.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0728
+ About the security content of tvOS 9.1.1
https://support.apple.com/ja-jp/HT205729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1717
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1727
+ CESA-2016:0063 Important CentOS 7 ntp Security Update
http://lwn.net/Alerts/673413/
+ CESA-2016:0063 Important CentOS 6 ntp Security Update
http://lwn.net/Alerts/673412/
+ UPDATE: Cisco Residential Gateway Devices Cross-Site Request Forgery Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-gateway
+ UPDATE: Cisco Model DPQ3925 Wireless Residential Gateway Information Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-gateway
+ Cisco Application Policy Infrastructure Controller Enterprise Module SNMP Hostname Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6337
+ Cisco Unified Contact Center Express Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1298
+ Linux kernel 3.18.26 released
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.26
+ FreeBSD SCTP ICMPv6 Denial Of Service
https://cxsecurity.com/issue/WLB-2016010172
+ Buffalo NAS Remote Shutdown
https://cxsecurity.com/issue/WLB-2016010171
+ PHP 7.0.1 Memory Read via gdImageRotateInterpolated
https://cxsecurity.com/issue/WLB-2016010159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1903
+ PHP 7.0.0 - Format String Vulnerability
https://cxsecurity.com/issue/WLB-2015120271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8617
OpenSSL 1.0.2f and 1.0.1r security releases due 28th Jan 2016
https://mta.openssl.org/pipermail/openssl-announce/2016-January/000058.html
記者の眼
ある判決、要件にないことで責任を負わされたシステム開発会社の悲劇
http://itpro.nikkeibp.co.jp/atcl/watcher/14/334361/012100467/?ST=security
統計&調査
[データは語る]2015年第4四半期の不正プログラム検出数は前四半期比105.5%増、12万件突破──IPA
http://itpro.nikkeibp.co.jp/atcl/news/14/110601779/012500481/?ST=security
ソースネクスト、CATV各局にスマホ向けセキュリティソフトを提供
http://itpro.nikkeibp.co.jp/atcl/news/16/012500238/?ST=security
UPDATE: JVNVU#99819594 Harman AMX 製品がハードコードされたパスワードを使用する問題
http://jvn.jp/vu/JVNVU99819594/
0 件のコメント:
コメントを投稿