:: IT Security Neophyte Investigator's MEMO ::: 3日木曜日、大安

2017年8月3日木曜日

3日木曜日、大安

+ RHSA-2017:1833 Important: chromium-browser security update
https://access.redhat.com/errata/RHSA-2017:1833
CVE-2017-5091
CVE-2017-5092
CVE-2017-5093
CVE-2017-5094
CVE-2017-5095
CVE-2017-5096
CVE-2017-5097
CVE-2017-5098
CVE-2017-5099
CVE-2017-5100
CVE-2017-5101
CVE-2017-5102
CVE-2017-5103
CVE-2017-5104
CVE-2017-5105
CVE-2017-5106
CVE-2017-5107
CVE-2017-5108
CVE-2017-5109
CVE-2017-5110
CVE-2017-7000

+ RHSA-2017:2389 Important: freeradius security update
https://access.redhat.com/errata/RHSA-2017:2389
CVE-2017-10978
CVE-2017-10983
CVE-2017-10984
CVE-2017-10985
CVE-2017-10986
CVE-2017-10987

+ RHSA-2017:2388 Important: evince security update
https://access.redhat.com/errata/RHSA-2017:2388
CVE-2017-1000083

+ RHSA-2017:2258 Moderate: gtk-vnc security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2258
CVE-2017-5884
CVE-2017-5885

+ RHSA-2017:2247 Low: tomcat security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2247
CVE-2016-0762
CVE-2016-5018
CVE-2016-6794
CVE-2016-6796
CVE-2016-6797

+ RHSA-2017:2192 Moderate: mariadb security and bug fix update
https://access.redhat.com/errata/RHSA-2017:2192
CVE-2016-5483
CVE-2016-5617
CVE-2016-6664
CVE-2017-3238
CVE-2017-3243
CVE-2017-3244
CVE-2017-3258
CVE-2017-3265
CVE-2017-3291
CVE-2017-3302
CVE-2017-3308
CVE-2017-3309
CVE-2017-3312
CVE-2017-3313
CVE-2017-3317
CVE-2017-3318
CVE-2017-3453
CVE-2017-3456
CVE-2017-3464
CVE-2017-3600

+ RHSA-2017:2180 Low: ghostscript security and bug fix update
https://access.redhat.com/errata/RHSA-2017:2180
CVE-2017-7207

+ RHSA-2017:2128 Moderate: gdm and gnome-session security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2128
CVE-2015-7496

+ RHSA-2017:2060 Moderate: GStreamer security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2060
CVE-2016-10198
CVE-2016-10199
CVE-2016-9446
CVE-2016-9810
CVE-2016-9811
CVE-2017-5837
CVE-2017-5838
CVE-2017-5839
CVE-2017-5840
CVE-2017-5841
CVE-2017-5842
CVE-2017-5843
CVE-2017-5844
CVE-2017-5845
CVE-2017-5848

+ RHSA-2017:2029 Moderate: openssh security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2029
CVE-2016-10009
CVE-2016-10011
CVE-2016-10012
CVE-2016-6210
CVE-2016-6515

+ RHSA-2017:2016 Moderate: curl security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2016
CVE-2016-7167

+ RHSA-2017:2004 Moderate: git security and bug fix update
https://access.redhat.com/errata/RHSA-2017:2004
CVE-2014-9938
CVE-2017-8386

+ RHSA-2017:2000 Moderate: tigervnc and fltk security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2000
CVE-2016-10207
CVE-2017-5581
CVE-2017-7392
CVE-2017-7393
CVE-2017-7394
CVE-2017-7395
CVE-2017-7396

+ RHSA-2017:1983 Moderate: postgresql security and enhancement update
https://access.redhat.com/errata/RHSA-2017:1983
CVE-2017-7484
CVE-2017-7486

+ RHSA-2017:1950 Low: samba security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1950
CVE-2017-9461

+ RHSA-2017:1931 Moderate: bash security and bug fix update
https://access.redhat.com/errata/RHSA-2017:1931
CVE-2016-0634
CVE-2016-7543
CVE-2016-9401

+ RHSA-2017:1916 Moderate: glibc security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1916
CVE-2014-9761
CVE-2015-8776
CVE-2015-8777
CVE-2015-8778
CVE-2015-8779

+ RHSA-2017:1859 Moderate: golang security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1859
CVE-2017-8932

+ RHSA-2017:1868 Moderate: python security and bug fix update
https://access.redhat.com/errata/RHSA-2017:1868
CVE-2014-9365

+ RHSA-2017:1860 Moderate: libtasn1 security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1860
CVE-2015-2806
CVE-2015-3622

+ RHSA-2017:1865 Moderate: X.org X11 libraries security, bug fix and enhancement update
https://access.redhat.com/errata/RHSA-2017:1865
CVE-2016-10164
CVE-2017-2625
CVE-2017-2626

+ RHSA-2017:1856 Moderate: qemu-kvm security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1856
CVE-2016-4020
CVE-2017-2633
CVE-2017-5898

+ RHSA-2017:1852 Moderate: openldap security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1852
CVE-2017-9287

+ RHSA-2017:1842 Important: kernel security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1842
CVE-2014-7970
CVE-2014-7975
CVE-2015-8839
CVE-2015-8970
CVE-2016-10088
CVE-2016-10147
CVE-2016-10200
CVE-2016-6213
CVE-2016-7042
CVE-2016-7097
CVE-2016-8645
CVE-2016-9576
CVE-2016-9588
CVE-2016-9604
CVE-2016-9685
CVE-2016-9806
CVE-2017-2596
CVE-2017-2647
CVE-2017-2671
CVE-2017-5970
CVE-2017-6001
CVE-2017-6951
CVE-2017-7187
CVE-2017-7616
CVE-2017-7889
CVE-2017-8797
CVE-2017-8890
CVE-2017-9074
CVE-2017-9075
CVE-2017-9076
CVE-2017-9077
CVE-2017-9242

+ RHSA-2017:1854 Moderate: pidgin security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1854
CVE-2014-3694
CVE-2014-3695
CVE-2014-3696
CVE-2014-3698
CVE-2017-2640

+ RHSA-2017:2299 Moderate: NetworkManager and libnl3 security, bug fix and enhancement update
https://access.redhat.com/errata/RHSA-2017:2299
CVE-2017-0553

+ RHSA-2017:2292 Moderate: gnutls security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2292
CVE-2016-7444
CVE-2017-5334
CVE-2017-5335
CVE-2017-5336
CVE-2017-5337
CVE-2017-7507
CVE-2017-7869

+ RHSA-2017:2335 Moderate: pki-core security update
https://access.redhat.com/errata/RHSA-2017:2335
CVE-2017-7537

+ RHSA-2017:2285 Moderate: authconfig security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:2285
CVE-2017-7488

+ RHSA-2017:1975 Moderate: libreoffice security and bug fix update
https://access.redhat.com/errata/RHSA-2017:1975
CVE-2017-7870

+ RHSA-2017:1871 Moderate: tcpdump security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2017:1871
CVE-2015-0261
CVE-2015-2153
CVE-2015-2154
CVE-2015-2155
CVE-2016-7922
CVE-2016-7923
CVE-2016-7924
CVE-2016-7925
CVE-2016-7926
CVE-2016-7927
CVE-2016-7928
CVE-2016-7929
CVE-2016-7930
CVE-2016-7931
CVE-2016-7932
CVE-2016-7933
CVE-2016-7934
CVE-2016-7935
CVE-2016-7936
CVE-2016-7937
CVE-2016-7938
CVE-2016-7939
CVE-2016-7940
CVE-2016-7973
CVE-2016-7974
CVE-2016-7975
CVE-2016-7983
CVE-2016-7984
CVE-2016-7985
CVE-2016-7986
CVE-2016-7992
CVE-2016-7993
CVE-2016-8574
CVE-2016-8575
CVE-2017-5202
CVE-2017-5203
CVE-2017-5204
CVE-2017-5205
CVE-2017-5341
CVE-2017-5342
CVE-2017-5482
CVE-2017-5483
CVE-2017-5484
CVE-2017-5485
CVE-2017-5486

+ Google Chrome 60.0.3112.90 released
https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop.html

+ Cisco Videoscape Distribution Suite Cache Server Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds
CVE-2017-6745

+ Cisco Identity Services Engine Authentication Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ise
CVE-2017-6747

+ Cisco Unified Communications Manager Directory Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ucm1
CVE-2017-6758

+ Cisco Unified Communications Manager SQL Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ucm
CVE-2017-6757

+ Cisco Smart Net Total Care Software Collector Appliance SQL Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-sntc
CVE-2017-6754

+ Cisco Prime Collaboration Provisioning Tool Pervasive Cross-Site Request Forgery Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt1
CVE-2017-6756

+ Cisco Prime Collaboration Provisioning Tool UpgradeManager File Write Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt
CVE-2017-6759

+ Cisco Meeting Server H.264 Protocol Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms
CVE-2017-6763

+ Cisco Firepower System Software Secure Sockets Layer Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-fpw
CVE-2017-6766

+ Cisco Jabber Guest Server Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-cj
CVE-2017-6762

+ Cisco Finesse Reflected Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-cf
CVE-2017-6761

+ Cisco Adaptive Security Appliance Username Enumeration Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa2
CVE-2017-6752

+ Cisco Adaptive Security Appliance WebVPN Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa1
CVE-2017-6765

+ Cisco Adaptive Security Appliance Authenticated Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa
CVE-2017-6764

+ glibc 2.26 released
https://sourceware.org/ml/libc-alpha/2017-08/msg00010.html

UPDATE: JVN#74247807 ScreenOS における複数のクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN74247807/

JVN#24087303 環境省が提供する報告書作成支援ツールのインストーラにおける任意のDLL読み込みの脆弱性
http://jvn.jp/jp/JVN24087303/

徹底解説CDN
CDNがパブリックDNSを使っても最寄りサーバーを判断できる理由
http://itpro.nikkeibp.co.jp/atcl/column/17/072100302/072100004/?ST=security&itp_list_theme

IoT時代の最新SELinux入門
SELinuxで今どきのログ収集サーバーを守る
http://itpro.nikkeibp.co.jp/atcl/column/17/041900153/080100009/?ST=security&itp_list_theme

Windows 7はいつやめる？
「Windows 10移行とSurface2000台導入で働き方改革」、日清食品HD
http://itpro.nikkeibp.co.jp/atcl/column/17/072600315/080100003/?ST=security&itp_list_theme

Win10で需要増、キヤノンITSが汎用機エミュレーター「TCPLink」の新版
http://itpro.nikkeibp.co.jp/atcl/news/17/080102032/?ST=security&itp_list_theme

米Amazonが米BLU製格安スマホを販売停止、ユーザー情報を中国へ送信
http://itpro.nikkeibp.co.jp/atcl/news/17/080202046/?ST=security&itp_list_theme

AI quickly cooks malware that AV software can't spot
http://www.linuxsecurity.com/content/view/172407/169/

Security This Week: The Very Best Hacks From Black Hat and Defcon
http://www.linuxsecurity.com/content/view/172406/169/

12 signs you've been hacked -- and how to fight back
http://www.linuxsecurity.com/content/view/172405/169/

:: IT Security Neophyte Investigator's MEMO ::

2017年8月3日木曜日

3日木曜日、大安

0 件のコメント:

コメントを投稿

2017年8月3日木曜日

3日 木曜日、大安

0 件のコメント:

コメントを投稿

3日木曜日、大安