+ MantisBT 2.2.1 and 1.3.7 Released
https://www.mantisbt.org/bugs/changelog_page.php?version_id=275
https://www.mantisbt.org/bugs/changelog_page.php?version_id=269
+ PostgreSQL ODBC Driver 09.06.0200 released
https://www.postgresql.org/ftp/odbc/versions/msi/
+ VMware Workstation Player 12.5.3 Released
http://pubs.vmware.com/Release_Notes/en/workstation/12player/player-1253-release-notes.html?__utma=207178772.702043549.1440547077.1489103828.1489363005.334&__utmb=207178772.1.10.1489363005&__utmc=207178772&__utmx=-&__utmz=207178772.1440547077.1.1.utmcsr=my.vmware.com|utmccn=(referral)|utmcmd=referral|utmcct=/web/vmware/free&__utmv=-&__utmk=137475891
+ UPDATE: Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2
+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl
+ Linux kernel 4.10.2, 4.9.14, 4.4.53 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.2
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.14
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.53
+ VMSA-2017-0003 VMware Workstation update addresses multiple security issues
http://www.vmware.com/security/advisories/VMSA-2017-0003.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4900
+ VMware Workstation SVGA and DLL Loading Bugs Let Local Users on the Guest System Deny Service on the Guest or Gain Elevated Privileges on the Host System
http://www.securitytracker.com/id/1037979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4900
+ MantisBT Input Validation Flaw in 'bug_change_status_page.php' Lets Remote Users Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1037978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6797
dbMigration .NET v5 released
https://www.postgresql.org/about/news/1738/
ニュース解説
GMO72万件流出危機の原因、Struts2に「意のままに操られる」深刻な脆弱性
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/031000880/?ST=security&itp_list_theme
IoT推進コンソーシアム、従業員の健康データなど「データ取引事例集」公表
http://itpro.nikkeibp.co.jp/atcl/news/17/031000792/?ST=security&itp_list_theme
法政大学で不正アクセス、学生や職員など4万3103件のアカウント情報が漏洩
http://itpro.nikkeibp.co.jp/atcl/news/17/031000791/?ST=security&itp_list_theme
都税と住宅金融支援機構のクレジット払いサイトに不正アクセス、約72万件流出か
http://itpro.nikkeibp.co.jp/atcl/news/17/031000790/?ST=security&itp_list_theme
「セキュリティの本丸は個人情報ではない」、陸自システム防護隊初代隊長の経産省伊東氏
http://itpro.nikkeibp.co.jp/atcl/news/17/031000788/?ST=security&itp_list_theme
Kaspersky Lab、データを破壊する新マルウエア「StoneDrill」を発見
http://itpro.nikkeibp.co.jp/atcl/news/17/031000785/?ST=security&itp_list_theme
CIAの機密文書漏えいで、WikiLeaks創設者が技術大手との協力を提案
http://itpro.nikkeibp.co.jp/atcl/news/17/031000774/?ST=security&itp_list_theme
UPDATE: JVNVU#91417143 GigaCC OFFICE における複数の脆弱性
http://jvn.jp/vu/JVNVU91417143/index.html
JVNVU#99822187 D-Link 製ルータの HNAP サービスにスタックバッファオーバーフローの脆弱性
http://jvn.jp/vu/JVNVU99822187/index.html
JVNVU#98628696 D-Link DIR-850L にバッファオーバーフローの脆弱性
http://jvn.jp/vu/JVNVU98628696/index.html
JVNVU#95084342 iOS アプリ「Flash Seats Mobile App」にSSL サーバ証明書の検証不備の脆弱性
http://jvn.jp/vu/JVNVU95084342/index.html
UPDATE:JVN#84995847 SKYSEA Client View において任意のコードが実行可能な脆弱性
http://jvn.jp/jp/JVN84995847/index.html
0 件のコメント:
コメントを投稿