2019年8月7日水曜日

7日 水曜日、先勝

+ PowerDNS Authoritative Serverの脆弱性情報が公開されました(CVE-2019-10203)
https://jprs.jp/tech/security/2019-08-06-powerdns-auth.html
CVE-2019-10203

+ RHSA-2019:2035 Low: python-requests security update
https://access.redhat.com/errata/RHSA-2019:2035
CVE-2018-18074

+ Release Notes for Red Hat Enterprise Linux 7.7 released
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index

+ Release notes for Red Hat Enterprise Linux 8.1 Beta released
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8-beta/html/8.1_release_notes/index

+ Google Chrome 76.0.3809.100 released
https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop.html

+ FreeBSD-SA-19:21.bhyve Insufficient validation of guest-supplied data (e1000 device)
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:21.bhyve.asc
CVE-2019-5609

+ FreeBSD-SA-19:20.bsnmp Insufficient message length validation in bsnmp library
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:20.bsnmp.asc
CVE-2019-5610

+ FreeBSD-SA-19:19.mldv2 ICMPv6 / MLDv2 out-of-bounds memory access
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:19.mldv2.asc
CVE-2019-5608

+ FreeBSD-SA-19:18.bzip2 Multiple vulnerabilities in bzip2
https://www.freebsd.org/security/advisories/FreeBSD-SA-19:18.bzip2.asc
CVE-2016-3189
CVE-2019-12900

+ Linux kernel 5.2.7, 4.19.65, 4.14.137, 4.9.188, 4.4.188 released
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.7
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.65
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.137
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.188
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.188

+ macOS / iOS NSKeyedUnarchiver Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances
https://cxsecurity.com/issue/WLB-2019080023

+ macOS / iOS JavaScriptCore Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded
https://cxsecurity.com/issue/WLB-2019080022

トラブル対策の基本、パケットキャプチャーの全て
パケットキャプチャーの定番ソフトWiresharkが大幅更新、特徴は?
https://tech.nikkeibp.co.jp/atcl/nxt/column/18/00899/073000003/?ST=nxt_thmit_security

動かないコンピュータ14連発
7pay問題に揺れるセブン&アイ、6年前にも情報流出を引き起こしていた
https://tech.nikkeibp.co.jp/atcl/nxt/column/18/00859/070900005/?ST=nxt_thmit_security

ニュース解説
検証7pay問題、「販促優先」が招いた端末認証の不備
https://tech.nikkeibp.co.jp/atcl/nxt/column/18/00001/02704/?ST=nxt_thmit_security

ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)