+ RHSA-2017:1105 Important: bind security update
https://rhn.redhat.com/errata/RHSA-2017-1105.html
CVE-2017-3136
CVE-2017-3137
+ Selenium Standalone Server 3.4.0 released
http://docs.seleniumhq.org/download/
+ Selenium IE Driver Server 3.4 released
https://raw.githubusercontent.com/SeleniumHQ/selenium/master/cpp/iedriverserver/CHANGELOG
+ Selenium Client & WebDriver 3.4.0 released
https://raw.githubusercontent.com/SeleniumHQ/selenium/master/java/CHANGELOG
+ CESA-2017:1100 Critical CentOS 6 nss Security Update
https://lwn.net/Alerts/720606/
+ CESA-2017:1104 Critical CentOS 6 firefox Security Update
https://lwn.net/Alerts/720600/
+ CESA-2017:1100 Critical CentOS 7 nss-util Security Update
https://lwn.net/Alerts/720603/
+ CESA-2017:1100 Critical CentOS 7 nss Security Update
https://lwn.net/Alerts/720604/
+ CESA-2017:1106 Critical CentOS 7 firefox Security Update
https://lwn.net/Alerts/720599/
+ CESA-2017:1108 Moderate CentOS 7 java-1.8.0-openjdk Security Update
https://lwn.net/Alerts/720602/
+ CESA-2017:1105 Important CentOS 6 bind Security Update
https://lwn.net/Alerts/720598/
+ CESA-2017:1100 Critical CentOS 6 nss-util Security Update
https://lwn.net/Alerts/720605/
+ UPDATE: Cisco Unified Communications Manager Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm
+ Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc1
+ Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl
+ Linux kernel 4.10.12, 4.9.24, 4.4.63, 3.18.50 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.12
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.24
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.63
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.50
+ cURL/libcurl TLS Session Resumption Client Certificate Bug Lets Remote Users Bypass Security Restrictions on the Target System
http://www.securitytracker.com/id/1038341
CVE-2016-5419
CVE-2017-7468
+ Oracle Java 64bit DLL Hijacking *youtube
https://cxsecurity.com/issue/WLB-2017040147
CVE-2017-3511
+ Apple WebKit/Safari 10.0.2 (12602.3.12.0.1) PrototypeMap::createEmptyStructure XS
https://cxsecurity.com/issue/WLB-2017040142
+ Apple WebKit/Safari 10.0.2 (12602.3.12.0.1) operationSpreadGeneric XSS
https://cxsecurity.com/issue/WLB-2017040141
+ Microsoft Windows 10 10586 IEETWCollector Privilege Escalation
https://cxsecurity.com/issue/WLB-2017040140
CVE-2017-0165
+ Microsoft Windows - ManagementObject Arbitrary .NET Serialization RCE
https://cxsecurity.com/issue/WLB-2017040139
VE-2017-0160
+ Microsoft Windows IFEO Winlogin SYSTEM Backdooring Exploit
https://cxsecurity.com/issue/WLB-2017040138
JVNDB-2017-000072 WNC01WH における OS コマンドインジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000072.html
日経ITイノベーターズ白熱議論&講演
セキュリティはやっぱり痛い目にあわないと…
http://itpro.nikkeibp.co.jp/atcl/column/17/040500122/041800010/?ST=security&itp_list_theme
百社百様、我が社のCSIRT
[オリンパス]海外拠点とも脅威情報を共有、未然の事故防止に効果あり
http://itpro.nikkeibp.co.jp/atcl/column/16/080500167/041900014/?ST=security&itp_list_theme
ニュース解説
人騒がせな標的型攻撃訓練
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/042000942/?ST=security&itp_list_theme
シスコ、セキュリティ教育を学生に無償提供
http://itpro.nikkeibp.co.jp/atcl/news/17/042101239/?ST=security&itp_list_theme
Linux Advisory Watch: April 21st, 2017
http://www.linuxsecurity.com/content/view/171271/187/
0 件のコメント:
コメントを投稿