2018年1月4日木曜日

4日 木曜日、仏滅

+ RHSA-2018:0008 Important: kernel security update
https://access.redhat.com/errata/RHSA-2018:0008

+ RHSA-2018:0012 Important: microcode_ctl security update
https://access.redhat.com/errata/RHSA-2018:0012

+ Moziila Firefox 57.0.3 released
https://www.mozilla.org/en-US/firefox/57.0.3/releasenotes/

+ Zabbix 3.4.5, 3.2.11, 3.0.14, 2.2.21 released
https://www.zabbix.com/rn3.4.5
https://www.zabbix.com/rn3.2.11
https://www.zabbix.com/rn3.0.14
https://www.zabbix.com/rn2.2.21

+ VMware Workstation 14.1.0 Player released
https://docs.vmware.com/jp/VMware-Workstation-Player/14.0.0/rn/player-141-release-notes.html

+ Cisco WebEx Network Recording Player Buffer Overflow Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180103-wnrp
CVE-2018-0103

+ Cisco WebEx Advanced Recording Format Player Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180103-warfp
CVE-2018-0104

+ Linux kernel 4.14.11, 4.9.74, 4.4.109, 3.18.91, 3.16.52, 3.2.97 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.74
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.109
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.91
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.52
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.97

+ Windows 7 x86 dwmapi.dll arbitrary code execution leading to privillege escallation
https://cxsecurity.com/issue/WLB-2018010021

+ Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation
https://cxsecurity.com/issue/WLB-2018010018
CVE-2017-1000112

+ Google Chrome Installer DLL Hijack vulnerability
https://cxsecurity.com/issue/WLB-2018010008

+ Apple macOS IOHIDSystem Kernel Read/Write
https://cxsecurity.com/issue/WLB-2018010004

Amazon Auroraを使用したMagento Content Servicesの構築をAWS Quick Startで加速させる
https://aws.amazon.com/jp/blogs/news/accelerate-magento-content-services-deployment-on-amazon-aurora-with-aws-quick-start/

【開催報告】AWS-HUB
https://aws.amazon.com/jp/blogs/news/aws-hub-report-2017dec/

Apache OpenOffice 4.1.5 is released!
https://cwiki.apache.org/confluence/display/OOOUSERS/AOO+4.1.5+Release+Notes

pg_chameleon 2.0 released
https://www.postgresql.org/about/news/1818/

UPDATE: JVNVU#92438713 複数の TLS 実装において Bleichenbacher 攻撃対策が不十分である問題
http://jvn.jp/vu/JVNVU92438713/index.html

新春 編集長の眼
ランサムウエアとワームがまさかの合体、強力な集金ツールがネットを襲う
http://itpro.nikkeibp.co.jp/atcl/column/17/120500556/121900001/?ST=security&itp_list_theme

インタビュー&トーク
「中小企業のセキュリティをAIで守る」、英ソフォスCEO
http://itpro.nikkeibp.co.jp/atcl/interview/14/262522/122700357/?ST=security&itp_list_theme

0 件のコメント:

コメントを投稿