+ About the security content of AirPort Base Station Firmware Update 7.7.9
https://support.apple.com/ja-jp/HT208354
CVE-2017-9417
CVE-2017-13077
CVE-2017-13078
CVE-2017-13080
+ About the security content of AirPort Base Station Firmware Update 7.6.9
https://support.apple.com/ja-jp/HT208258
CVE-2017-13077
CVE-2017-13078
CVE-2017-13080
+ Security updates available for Flash Player | APSB17-42
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html
CVE-2017-11305
+ 2017 年 12 月のセキュリティ更新プログラム (月例)
https://blogs.technet.microsoft.com/jpsecurity/2017/12/13/201712-security-updates/
+ UPDATE: Multiple Vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex-players
+ Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
CVE-2017-17428
+ UPDATE: Cisco Email Security Appliance Header Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-esa
+ UPDATE: JVNVU#99259676 Apache Tomcat の複数の脆弱性に対するアップデート
http://jvn.jp/vu/JVNVU99259676/index.html
+ macOS getrusage Stack Leak
https://cxsecurity.com/issue/WLB-2017120080
CVE-2017-13869
+ macOS necp_get_socket_attributes so_pcb Type Confusion
https://cxsecurity.com/issue/WLB-2017120079
CVE-2017-13855
+ Linux kernel Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/102150
CVE-2017-16912
CVE-2017-16913
CVE-2017-16914
AWS Glue や Amazon Athena で使用するサーバーレスの管理されていない Machine Learning
https://aws.amazon.com/jp/blogs/news/serverless-unsupervised-machine-learning-with-aws-glue-and-amazon-athena/
VU#144389 TLS implementations may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding
https://www.kb.cert.org/vuls/id/144389
Postgres Migration Tookit v3.1 has been released
https://www.postgresql.org/about/news/1812/
ソフォスがセキュリティ製品のデモ施設、パートナー企業にも開放
http://itpro.nikkeibp.co.jp/atcl/news/17/121202843/?ST=security&itp_list_theme
「メール詐欺対策にDMARCを」、プルーフポイントが新サービス
http://itpro.nikkeibp.co.jp/atcl/news/17/121202841/?ST=security&itp_list_theme
ネット銀行狙うウイルス「DreamBot」の被害が急増、警察庁などが注意喚起
http://itpro.nikkeibp.co.jp/atcl/news/17/121202839/?ST=security&itp_list_theme
0 件のコメント:
コメントを投稿