2017年6月16日金曜日

16日 金曜日、友引

+ Google Chrome 59.0.3071.104 released
https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html
CVE-2017-5087
CVE-2017-5088
CVE-2017-5089

+ CESA-2017:1440 Critical CentOS 7 firefox Security Update
https://lwn.net/Alerts/725480/

+ CESA-2017:1440 Critical CentOS 6 firefox Security Update
https://lwn.net/Alerts/725481/

+ MFSA 2017-17 Security vulnerabilities fixed in Thunderbird 52.2
https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/
CVE-2017-5472
CVE-2017-7749
CVE-2017-7750
CVE-2017-7751
CVE-2017-7752
CVE-2017-7754
CVE-2017-7756
CVE-2017-7757
CVE-2017-7778
CVE-2017-7758
CVE-2017-7763
CVE-2017-7764
CVE-2017-7765
CVE-2017-5470

+ CVE-2017-3141: Windows service and uninstall paths are not quoted when BIND is installed
https://kb.isc.org/article/AA-01496
CVE-2017-3141

+ Operational Notification: LMDB integration problems with BIND 9.11.0 and 9.11.1
https://kb.isc.org/article/AA-01497

+ CVE-2017-3140: An error processing RPZ rules can cause named to loop endlessly after handling a query
https://kb.isc.org/article/AA-01495
CVE-2017-3140

+ Linux kernel 4.1.41, 3.10.106 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.41
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.106

+ JVNVU#94071181 ISC BIND に複数の脆弱性
http://jvn.jp/vu/JVNVU94071181/
CVE-2017-3140
CVE-2017-3141

+ libcurl 'file' Protocol Buffer Overflow Lets Local Users Execute Arbitrary Code
http://www.securitytracker.com/id/1038697
CVE-2017-9502

+ BIND Windows Installer Unquoted Service Path Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1038693
CVE-2017-3141

+ BIND RPZ Rule Processing Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id/1038692
CVE-2017-3140

VU#846320 Samsung Magician fails to update itself securely
https://www.kb.cert.org/vuls/id/846320

JVNDB-2017-000139 WordPress 用プラグイン WP Job Manager におけるアクセス制限不備の問題
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000139.html

JVNVU#97705299 HPE SiteScope に複数の脆弱性
http://jvn.jp/vu/JVNVU97705299/

JVN#65154137 電子納品チェックシステム(農林水産省農業農村整備事業版)のインストーラにおける DLL 読み込みの脆弱性
http://jvn.jp/jp/JVN65154137/index.html

ゼロから挑戦!IoT開発
セキュリティのないIoTは世界の害悪である
http://itpro.nikkeibp.co.jp/atcl/column/17/030900077/061400007/?ST=security&itp_list_theme

「明日あなたが狙われる」と予測できてこそAI、シマンテックのAI戦略
http://itpro.nikkeibp.co.jp/atcl/news/17/061501670/?ST=security&itp_list_theme

Cybersecurity labor crunch to hit 3.5 million unfilled jobs by 2021
http://www.linuxsecurity.com/content/view/171790/169/

Buggy devices and lazy operators make VoLTE a security nightmare
http://www.linuxsecurity.com/content/view/171789/169/

Parrot Security OS Devs Mock systemd: It's an Immature Init System for GNU/Linux
http://www.linuxsecurity.com/content/view/171788/169/

0 件のコメント:

コメントを投稿