2021年2月17日水曜日

17日 水曜日、赤口

+ RHSA-2021:0558 Important: kernel security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2021:0558
CVE-2020-14351
CVE-2020-25705
CVE-2020-29661

+ RHSA-2021:0557 Moderate: perl security update
https://access.redhat.com/errata/RHSA-2021:0557
CVE-2020-12723

+ RHSA-2021:0551 Moderate: nodejs:14 security and bug fix update
https://access.redhat.com/errata/RHSA-2021:0551
CVE-2020-7754
CVE-2020-7774
CVE-2020-7788
CVE-2020-8265
CVE-2020-8277
CVE-2020-8287
CVE-2020-15366

+ RHSA-2021:0549 Moderate: nodejs:12 security update
https://access.redhat.com/errata/RHSA-2021:0549
CVE-2019-10746
CVE-2019-10747
CVE-2020-7754
CVE-2020-7788
CVE-2020-8265
CVE-2020-8287

+ RHSA-2021:0548 Moderate: nodejs:10 security update
https://access.redhat.com/errata/RHSA-2021:0548
CVE-2020-7608
CVE-2020-7754
CVE-2020-7774
CVE-2020-7788
CVE-2020-8116
CVE-2020-8252
CVE-2020-8265
CVE-2020-8287
CVE-2020-15095
CVE-2020-15366

+ RHSA-2021:0538 Moderate: nss security and bug fix update
https://access.redhat.com/errata/RHSA-2021:0538
CVE-2020-6829
CVE-2020-12400
CVE-2020-12403

+ RHSA-2021:0531 Moderate: container-tools:rhel8 security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2021:0531
CVE-2020-14370

+ RHSA-2021:0530 Moderate: java-1.8.0-ibm security update
https://access.redhat.com/errata/RHSA-2021:0530
CVE-2020-14779
CVE-2020-14796
CVE-2020-14797

+ Google Chrome 88.0.4324.182 released
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html

+ OpenSSL 1.1.1j released
https://www.openssl.org/news/changelog.html#openssl-111

+ OpenSSL Security Advisory [16 February 2021]
https://www.openssl.org/news/secadv/20210216.txt
CVE-2021-23841
CVE-2021-23839
CVE-2021-23840

+ OpenSSLの脆弱性情報(Moderate: CVE-2021-23841, Low: CVE-2021-23839, CVE-2021-23840)
https://security.sios.com/vulnerability/openssl-security-vulnerability-20210217.html
CVE-2021-23841
CVE-2021-23839
CVE-2021-23840

詳報・8部門の調査結果
https://xtech.nikkei.com/atcl/nxt/mag/nc/18/020800213/020800003/?ST=nxt_thmit_security

多要素認証でも防げない攻撃出現 「最高謝罪責任者」置くベンダーも
https://xtech.nikkei.com/atcl/nxt/mag/nc/18/052100113/020500049/?ST=nxt_thmit_security

JVN#58774946 FileZen における OS コマンドインジェクションの脆弱性
http://jvn.jp/jp/JVN58774946/index.html

JVNVU#94008268 M&M Software 製 fdtCONTAINER に信頼できないデータのデシリアライズの脆弱性
http://jvn.jp/vu/JVNVU94008268/index.html

0 件のコメント:

コメントを投稿