17日 水曜日、赤口

+ RHSA-2021:0558 Important: kernel security, bug fix, and enhancement update

https://access.redhat.com/errata/RHSA-2021:0558

CVE-2020-14351

CVE-2020-25705

CVE-2020-29661

+ RHSA-2021:0557 Moderate: perl security update

https://access.redhat.com/errata/RHSA-2021:0557

CVE-2020-12723

+ RHSA-2021:0551 Moderate: nodejs:14 security and bug fix update

https://access.redhat.com/errata/RHSA-2021:0551

CVE-2020-7754

CVE-2020-7774

CVE-2020-7788

CVE-2020-8265

CVE-2020-8277

CVE-2020-8287

CVE-2020-15366

+ RHSA-2021:0549 Moderate: nodejs:12 security update

https://access.redhat.com/errata/RHSA-2021:0549

CVE-2019-10746

CVE-2019-10747

CVE-2020-7754

CVE-2020-7788

CVE-2020-8265

CVE-2020-8287

+ RHSA-2021:0548 Moderate: nodejs:10 security update

https://access.redhat.com/errata/RHSA-2021:0548

CVE-2020-7608

CVE-2020-7754

CVE-2020-7774

CVE-2020-7788

CVE-2020-8116

CVE-2020-8252

CVE-2020-8265

CVE-2020-8287

CVE-2020-15095

CVE-2020-15366

+ RHSA-2021:0538 Moderate: nss security and bug fix update

https://access.redhat.com/errata/RHSA-2021:0538

CVE-2020-6829

CVE-2020-12400

CVE-2020-12403

+ RHSA-2021:0531 Moderate: container-tools:rhel8 security, bug fix, and enhancement update

https://access.redhat.com/errata/RHSA-2021:0531

CVE-2020-14370

+ RHSA-2021:0530 Moderate: java-1.8.0-ibm security update

https://access.redhat.com/errata/RHSA-2021:0530

CVE-2020-14779

CVE-2020-14796

CVE-2020-14797

+ Google Chrome 88.0.4324.182 released

https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html

+ OpenSSL 1.1.1j released

https://www.openssl.org/news/changelog.html#openssl-111

+ OpenSSL Security Advisory [16 February 2021]

https://www.openssl.org/news/secadv/20210216.txt

CVE-2021-23841

CVE-2021-23839

CVE-2021-23840

+ OpenSSLの脆弱性情報(Moderate: CVE-2021-23841, Low: CVE-2021-23839, CVE-2021-23840)

https://security.sios.com/vulnerability/openssl-security-vulnerability-20210217.html

CVE-2021-23841

CVE-2021-23839

CVE-2021-23840

詳報・8部門の調査結果

https://xtech.nikkei.com/atcl/nxt/mag/nc/18/020800213/020800003/?ST=nxt_thmit_security

多要素認証でも防げない攻撃出現　「最高謝罪責任者」置くベンダーも

https://xtech.nikkei.com/atcl/nxt/mag/nc/18/052100113/020500049/?ST=nxt_thmit_security

JVN#58774946 FileZen における OS コマンドインジェクションの脆弱性

http://jvn.jp/jp/JVN58774946/index.html

JVNVU#94008268 M&M Software 製 fdtCONTAINER に信頼できないデータのデシリアライズの脆弱性

http://jvn.jp/vu/JVNVU94008268/index.html