2016年3月17日木曜日

17日 木曜日、仏滅

+ RHSA-2016:0459 Important: bind security update
https://rhn.redhat.com/errata/RHSA-2016-0459.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286

+ RHSA-2016:0458 Important: bind97 security update
https://rhn.redhat.com/errata/RHSA-2016-0458.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286

+ RHSA-2016:0460 Important: thunderbird security update
https://rhn.redhat.com/errata/RHSA-2016-0460.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

+ CESA-2016:0448 Moderate CentOS 6 samba Security Update
http://lwn.net/Alerts/680285/

+ CESA-2016:0448 Moderate CentOS 7 samba Security Update
http://lwn.net/Alerts/680286/

+ CESA-2016:0449 Moderate CentOS 6 samba4 Security Update
http://lwn.net/Alerts/680287/

+ UPDATE: Vulnerability in GNU glibc Affecting Cisco Products: February 2016
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc

+ Linux kernel 4.4.6, 3.14.65, 3.10.101 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.6
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.65
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.101

+ FreeBSD-SA-16:15.sysarch Incorrect argument validation in sysarch(2)
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:15.sysarch.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1885

+ FreeBSD-SA-16:14.openssh OpenSSH xauth(1) command injection
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:14.openssh.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115

+ Dovecot 2.2.22 released
http://www.dovecot.org/list/dovecot-news/2016-March/000315.html

+ Apache Struts Input Validation Flaw in I18NInterceptor Lets Remote Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1035272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2162

+ Apache Struts Double OGNL Evaluation Lets Remote Users Execute Arbitrary Code on the Target System
http://www.securitytracker.com/id/1035271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0785

+ VMware vRealize Input Validation Flaws Let Remote Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1035270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2344
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2075

+ Apache Struts Input Validation Flaw in Java URLDecoder Lets Remote Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1035268

+ OpenSSH 7.2p1 xauth Command Injection / Bypass
https://cxsecurity.com/issue/WLB-2016030083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115

新設試験「情報セキュリティマネジメント試験」の初回応募者は想定以上の約2万3000人
http://itpro.nikkeibp.co.jp/atcl/news/16/031600801/?ST=security

0 件のコメント:

コメントを投稿