2021年5月6日木曜日

6日 木曜日、先負

+ Apache OpenOffice 4.1.10 is released!
https://cwiki.apache.org/confluence/display/OOOUSERS/AOO+4.1.10+Release+Notes

+ (緊急)BIND 9.xの脆弱性(DNSサービスの停止・リモートコード実行)について(CVE-2021-25216)
  - GSS-TSIGが有効に設定されている場合のみ対象、バージョンアップを強く推奨 -
https://jprs.jp/tech/security/2021-04-30-bind9-vuln-gsstsig.html
CVE-2021-25216

+ (緊急)BIND 9.xの脆弱性(DNSサービスの停止)について(CVE-2021-25215)
  - バージョンアップを強く推奨 -
https://jprs.jp/tech/security/2021-04-30-bind9-vuln-dname.html
CVE-2021-25215

+ BIND 9.xの脆弱性(DNSサービスの停止)について(CVE-2021-25214)
  - セカンダリサーバーのみ対象、バージョンアップを推奨 -
https://jprs.jp/tech/security/2021-04-30-bind9-vuln-ixfr.html
CVE-2021-25214

+ PostgreSQL ODBC Driver 13.01.0000 released
https://www.postgresql.org/ftp/odbc/versions/msi/

+ RHSA-2021:1469 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1469
CVE-2021-25215

+ RHSA-2021:1452 Important: Red Hat Ceph Storage security, bug fix, and enhancement Update
https://access.redhat.com/errata/RHSA-2021:1452

+ RHSA-2021:1407 Moderate: etcd security update
https://access.redhat.com/errata/RHSA-2021:1407
CVE-2020-15106
CVE-2020-15112

+ RHSA-2021:1389 Moderate: openldap security update
https://access.redhat.com/errata/RHSA-2021:1389
CVE-2020-25692

+ RHSA-2021:1384 Moderate: nss security and bug fix update
https://access.redhat.com/errata/RHSA-2021:1384
CVE-2020-25648

+ RHSA-2021:1479 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1479
CVE-2021-25215

+ RHSA-2021:1478 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1478
CVE-2021-25215

+ RHSA-2021:1477 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1477
CVE-2021-25215

+ RHSA-2021:1476 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1476
CVE-2021-25215

+ RHSA-2021:1475 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1475
CVE-2021-25215

+ RHSA-2021:1469 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1469
CVE-2021-25215

+ RHSA-2021:1468 Important: bind security update
https://access.redhat.com/errata/RHSA-2021:1468
CVE-2021-25215

+ Safari 14.1 のセキュリティコンテンツについて
https://support.apple.com/ja-jp/HT212340
CVE-2021-30665
CVE-2021-30663

+ macOS Big Sur 11.3.1 のセキュリティコンテンツについて
https://support.apple.com/ja-jp/HT212335
CVE-2021-30665
CVE-2021-30663

+ iOS 14.5.1 および iPadOS 14.5.1 のセキュリティコンテンツについて
https://support.apple.com/ja-jp/HT212336
CVE-2021-30665
CVE-2021-30663

+ iOS 12.5.3 のセキュリティコンテンツについて
https://support.apple.com/ja-jp/HT212341
CVE-2021-30666
CVE-2021-30665
CVE-2021-30663
CVE-2021-30661

+ watchOS 7.4.1 のセキュリティコンテンツについて
https://support.apple.com/ja-jp/HT212339
CVE-2021-30665

+ Mozilla Firefox 88.0.1 released
https://www.mozilla.org/en-US/firefox/88.0.1/releasenotes/

+ Mozilla Foundation Security Advisory 2021-20 Security Vulnerabilities fixed in Firefox 88.0.1, Firefox for Android 88.1.3
https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/
CVE-2021-29953
CVE-2021-29952

+ CESA-2021:0617 Important CentOS 7 xterm Security Update
https://lwn.net/Articles/855177/

+ CESA-2021:1298 Moderate CentOS 7 java-1.8.0-openjdk Security Update
https://lwn.net/Articles/855173/

+ CESA-2021:1354 Important CentOS 7 xstream Security Update
https://lwn.net/Articles/855176/

+ CESA-2021:1469 Important CentOS 7 bind Security Update
https://lwn.net/Articles/855171/

+ CESA-2020:4076 Moderate CentOS 7 nss Security Update
https://lwn.net/Articles/855175/

+ CESA-2021:1297 Moderate CentOS 7 java-11-openjdk Security Update
https://lwn.net/Articles/855174/

+ CESA-2018:3140 Moderate CentOS 7 libgweather Security Update
https://lwn.net/Articles/855172/

+ Mozilla Thunderbird 78.10.1 released
https://www.thunderbird.net/en-US/thunderbird/78.10.1/releasenotes/

+ Mozilla Foundation Security Advisory 2021-19 Security Vulnerabilities fixed in Thunderbird 78.10.1
https://www.mozilla.org/en-US/security/advisories/mfsa2021-19/
CVE-2021-29951

+ CVE-2021-30245 Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks
http://www.openoffice.org/security/cves/CVE-2021-30245.html
CVE-2021-30245

+ ISC BIND 9.17.12, 9.16.15, 9.11.31 released
https://downloads.isc.org/isc/bind9/9.17.12/doc/arm/html/notes.html
https://downloads.isc.org/isc/bind9/9.16.15/doc/arm/html/notes.html
https://downloads.isc.org/isc/bind9/9.11.31/RELEASE-NOTES-bind-9.11.31.html

+ Linux kernel 5.12.1, 5.11.18, 5.10.34, 5.4.116, 4.19.189, 4.14,232, 4.9.268, 4.4.268 released
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.1
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.18
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.34
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.116
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.189
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.232
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.268
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.268

+ UPDATE: Oracle Critical Patch Update Advisory - April 2021
https://www.oracle.com/security-alerts/cpuapr2021.html

+ Samba 4.14.4, 4.13.8 and 4.12.15 Security Releases Available
https://www.samba.org/samba/history/samba-4.13.8.html
https://www.samba.org/samba/history/samba-4.13.8.html
https://www.samba.org/samba/history/samba-4.12.15.html

+ VMSA-2021-0007 VMware vRealize Business for Cloud updates address a remote code execution vulnerability (CVE-2021-21984)
https://www.vmware.com/security/advisories/VMSA-2021-0007.html
CVE-2021-21984

+ Apache HTTP Server 2.4.47 Released
https://downloads.apache.org/httpd/CHANGES_2.4.47

+ Apache Tomcat 7.0.109 Released
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html#Tomcat_7.0.109_(violetagg)

+ GCC 11.1 released
https://gcc.gnu.org/gcc-11/changes.html

+ Dovecot 2.3.14 released
https://dovecot.org/pipermail/dovecot-news/2021-March/000455.html

+ Postfix 3.6.0 released
http://www.postfix.org/announcements/postfix-3.6.0.html

+ PHP 8.0.5 7.4.18, 7.3.28 released
https://www.php.net/ChangeLog-8.php#8.0.5
https://www.php.net/ChangeLog-7.php#7.4.18
https://www.php.net/ChangeLog-7.php#7.3.28

+ JVNVU#94179101 ISC BIND における複数の脆弱性
http://jvn.jp/vu/JVNVU94179101/index.html
CVE-2021-25214
CVE-2021-25215
CVE-2021-25216

+ Linux Kernelの脆弱性(CVE-2021-31829)
https://security.sios.com/vulnerability/kernel-security-vulnerability-20210505.html
CVE-2021-31829

+ Sambaの複数の脆弱性情報(Medium: CVE-2021-20254 と修正バージョン(4.14.4, 4.13.8, 4.12.15)
https://security.sios.com/vulnerability/samba-secuirty-vulnerability-20210501.html
CVE-2021-20254

+ BIND 9の複数の脆弱性情報(Medium: CVE-2021-25214, High: CVE-2021-25215, CVE-2021-25216)と新バージョン(9.11.31, 9.16.15, 9.17.12 )
https://security.sios.com/vulnerability/bind-security-vulnerability-20210429.html
CVE-2021-25214
CVE-2021-25215
CVE-2021-25216

AlmaLinux OS 8.4 Beta Now Available!
https://almalinux.org/blog/almalinux-os-8-4-beta-now-available/

VPNやVDIで安全なリモートアクセス環境を構築
[第8回]
https://xtech.nikkei.com/atcl/nxt/mag/nnw/18/091700094/042200008/?ST=nxt_thmit_security

ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)