Tuesday, March 21, 2017

21st, Tuesday, Senshō

+ RHSA-2017:0559 Moderate: openjpeg security update
https://rhn.redhat.com/errata/RHSA-2017-0559.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9675

+ Selenium Standard Server 3.3.1 released
http://docs.seleniumhq.org/download/

+ Selenium IE Driver Server 3.3 released
https://raw.githubusercontent.com/SeleniumHQ/selenium/master/cpp/iedriverserver/CHANGELOG

+ Selenium Client & WebDriver 3.3.1 released
https://raw.githubusercontent.com/SeleniumHQ/selenium/master/java/CHANGELOG

+ Mozilla Firefox 52.0.1 released
https://www.mozilla.org/en-US/firefox/52.0.1/releasenotes/

+ MFSA2017-08 integer overflow in createImageBitmap()
https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5428

+ About the security content of Logic Pro X 10.3.1
https://support.apple.com/ja-jp/HT207519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2374

+ CESA-2017:0559 Moderate CentOS 6 openjpeg Security Update
https://lwn.net/Alerts/717563/

+ CESA-2017:0558 Critical CentOS 7 firefox Security Update
https://lwn.net/Alerts/717562/

+ CESA-2017:0527 Moderate CentOS 6 tomcat6 Security Update
https://lwn.net/Alerts/717564/

+ Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3850

+ Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3849

+ Linux kernel 4.10.4, 4.9.16, 4.4.55, 3.12.72 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.16
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.55
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.72

+ S2-046 Possible RCE when performing file upload based on Jakarta Multipart parser (similar to S2-045)
http://struts.apache.org/docs/s2-046.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638

+ Apache Tomcat 8.0.42, 7.0.76, 6.0.51 Released
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.42_(violetagg)
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html#Tomcat_7.0.76_(violetagg)
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html#Tomcat_6.0.51_(violetagg)

+ OpenSSH 7.5 release
http://www.openssh.com/txt/release-7.5

+ UPDATE: JVNVU#93610402 Arbitrary code execution vulnerability in Apache Struts2
http://jvn.jp/vu/JVNVU93610402/index.html

+ Mozilla Firefox Integer Overflow in createImageBitmap() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1038060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5428

+ Microsoft Edge Chakra Incorrect Jit Optimization
https://cxsecurity.com/issue/WLB-2017030168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0071

+ Microsoft Internet Information Services Cross Site Scripting
https://cxsecurity.com/issue/WLB-2017030167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0055

JVNVU#97075940 Stack buffer overflow vulnerability in Commvault Edge
http://jvn.jp/vu/JVNVU97075940/index.html

NEC: secure internet connection gateway service for financial institutions
http://itpro.nikkeibp.co.jp/atcl/news/17/031700865/?ST=security&itp_list_theme

Nippon Broadcasting System website also defaced via Struts2 vulnerability
http://itpro.nikkeibp.co.jp/atcl/news/17/031700863/?ST=security&itp_list_theme

Even one-time passwords are at risk: Tokyo Metropolitan Police Department confirms damage from a new type of virus
http://itpro.nikkeibp.co.jp/atcl/news/17/031700858/?ST=security&itp_list_theme

News commentary
GPS investigations that extract smartphone location data: the three carriers restate their positions
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/031700889/?ST=security&itp_list_theme

Virtual machine escape fetches $105,000 at Pwn2Own hacking contest
http://www.linuxsecurity.com/content/view/171074/169/

GitHub awards researcher $18,000 for remote code execution flaw discovery
http://www.linuxsecurity.com/content/view/171073/169/

Linux Advisory Watch: March 17th, 2017
http://www.linuxsecurity.com/content/view/171064/187/

Ethical Hacking: The Most Important Job No One Talks About
http://www.linuxsecurity.com/content/view/171063/169/

This laptop-bricking USB stick just got even more dangerous
http://www.linuxsecurity.com/content/view/171062/169/
