18日 月曜日、大安

+ The Android-x86 7.1-r4 released
https://www.android-x86.org/releases/releasenote-7-1-r4.html

+ UPDATE: VMSA-2020-0009.1 vRealize Operations Application Remote Collector (ARC) addresses Authentication Bypass and Directory Traversal vulnerabilities (CVE-2020-11651, CVE-2020-11652)
https://www.vmware.com/security/advisories/VMSA-2020-0009.html

+ hitachi-sec-2020-113 DoS Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2020-113/index.html

+ hitachi-sec-2020-112 Multiple Vulnerabilities in Hitachi Compute Systems Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2020-112/index.html

+ hitachi-sec-2020-111 Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2020-111/index.html
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2767
CVE-2020-2773
CVE-2020-2778
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2816
CVE-2020-2830

+ hitachi-sec-2020-113 JP1/Automatic Job Management System 3およびJP1/Automatic Job Management System 2におけるDoS脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2020-113/index.html

+ hitachi-sec-2020-112 Hitachi Compute Systems Managerにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2020-112/index.html

+ hitachi-sec-2020-111 Hitachi Command Suite製品, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics AdvisorおよびHitachi Ops Center製品における複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2020-111/index.html
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2767
CVE-2020-2773
CVE-2020-2778
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2816
CVE-2020-2830

+ Apache Log4j 2.13.3 Released
https://blogs.apache.org/logging/

+ Postfix 3.5.2, 3.4.12, 3.3.10, 3.2.15 released
http://mirror.postfix.jp/postfix-release/official/postfix-3.5.2.RELEASE_NOTES
http://mirror.postfix.jp/postfix-release/official/postfix-3.4.12.RELEASE_NOTES
http://mirror.postfix.jp/postfix-release/official/postfix-3.3.10.RELEASE_NOTES
http://mirror.postfix.jp/postfix-release/official/postfix-3.2.15.RELEASE_NOTES

+ Microsoft Windows Task Scheduler Security Feature Bypass
https://cxsecurity.com/issue/WLB-2020050131
CVE-2020-1113

JVNVU#98824176 Opto 22 製 SoftPAC Project に複数の脆弱性
http://jvn.jp/vu/JVNVU98824176/index.html

JVNVU#95200006 Samsung Qmage codec for Android Skia library にメモリ破壊の脆弱性
http://jvn.jp/vu/JVNVU95200006/index.html

JVNVU#94025006 Emerson WirelessHART Gateway に不適切なアクセス制御の脆弱性
http://jvn.jp/vu/JVNVU94025006/index.html

相次ぐ「位置情報ビッグデータ」の無償提供、自治体の新型コロナ対策を下支え
https://xtech.nikkei.com/atcl/nxt/column/18/01304/051500001/?ST=nxt_thmit_security

JIPDECが「適格eシール」を利用開始、社印の電子版に相当
https://xtech.nikkei.com/atcl/nxt/news/18/07870/?ST=nxt_thmit_security