2017年4月3日月曜日

3日 月曜日、先負













+ MantisBT 2.3.0, 2.2.3, and 1.3.9 released
http://www.mantisbt.org/blog/?p=514

+ MantisBT Security releases 1.3.8, 2.1.2 and 2.2.2
http://www.mantisbt.org/blog/?p=508

+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl

+ Linux kernel 4.10.8, 4.9.20, 4.4.59 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.8
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.20
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.59

+ Samba 4.6.2, 4.5.8 and 4.4.13 Available for Download
https://www.samba.org/samba/history/samba-4.6.2.html
https://www.samba.org/samba/history/samba-4.5.8.html
https://www.samba.org/samba/history/samba-4.4.13.html

+ SA76156 McAfee Web Gateway Multiple Vulnerabilities
https://secuniaresearch.flexerasoftware.com/advisories/76156/
CVE-2016-8105
CVE-2017-5897
CVE-2017-6214

+ Apache Tomcat 8.5.13 Released
http://tomcat.apache.org/tomcat-8.5-doc/changelog.html#Tomcat_8.5.13_(markt)

+ MantisBT Input Validation Flaws in 'adm_config_report.php' and 'move_attachments_page.php' Let Remote Users Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1038169
CVE-2017-6973
CVE-2017-7241
CVE-2017-7309

+ Microsoft Internet Information Server (IIS) Web Server Buffer Overflow in WebDAV ScStoragePathFromUrl() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1038168
CVE-2017-7269

+ Apple macOS/IOS 10.12.2(16C67) mach_msg Heap Overflow
https://cxsecurity.com/issue/WLB-2017030254

VU#507496 GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed
https://www.kb.cert.org/vuls/id/507496

セキュリティの救世主!?無害化、無意味化
Webアクセスの無害化、その盲点
http://itpro.nikkeibp.co.jp/atcl/column/17/033000113/033100001/?ST=security&itp_list_theme

Linux Advisory Watch: March 31st, 2017
http://www.linuxsecurity.com/content/view/171131/187/

Using a VPN Sucks
http://www.linuxsecurity.com/content/view/171130/169/

EFF: Verizon will install spyware on all its Android phones
http://www.linuxsecurity.com/content/view/171129/169/

APT29 Domain Fronting With TOR
http://www.linuxsecurity.com/content/view/171127/169/

Someone is putting lots of work into hacking Github developers
http://www.linuxsecurity.com/content/view/171126/169/

VMware patches critical virtual machine escape flaws
http://www.linuxsecurity.com/content/view/171125/169/

0 件のコメント:

コメントを投稿