+ (緊急)BIND 9.16.19の脆弱性(DNSサービスの停止)について(CVE-2021-25218)
- BIND 9.16.19のみが対象、バージョンアップを強く推奨 -
https://jprs.jp/tech/security/2021-08-19-bind9-vuln-rrl.html
CVE-2021-25218
+ RHSA-2021:3233 Important: compat-exiv2-026 security update
https://access.redhat.com/errata/RHSA-2021:3233
CVE-2021-31291
+ CESA-2021:3154 Important CentOS 7 firefox Security Update
https://lwn.net/Articles/866745/
+ CESA-2021:3160 Important CentOS 7 thunderbird Security Update
https://lwn.net/Articles/866746/
+ CESA-2021:3158 Important CentOS 7 exiv2 Security Update
https://lwn.net/Articles/866744/
+ UPDATE: Oracle Critical Patch Update Advisory - July 2021
https://www.oracle.com/security-alerts/cpujul2021.html
+ VMSA-2021-0017 VMware Workspace ONE UEM console patches address a denial of service vulnerability (CVE-2021-22029)
https://www.vmware.com/security/advisories/VMSA-2021-0017.html
CVE-2021-22029
+ ClamAV 0.104.0 Second Release Candidate is here!
https://blog.clamav.net/2021/08/clamav-01040-second-release-candidate.html
+ UPDATE: JVNVU#95033866 ISC BINDにサービス運用妨害(DoS)の脆弱性
http://jvn.jp/vu/JVNVU95033866/index.html
JVNVU#92334702 ThroughTek製Kalay P2P SDKにおけるアクセス制限不備の脆弱性
http://jvn.jp/vu/JVNVU92334702/index.html
JVNVU#95261759 Navigate CMS における複数の脆弱性
http://jvn.jp/vu/JVNVU95261759/index.html
ニュース解説
情報流出を招いた富士通「ProjectWEB」は多要素認証なし、難航する原因特定
https://xtech.nikkei.com/atcl/nxt/column/18/00001/05929/?ST=nxt_thmit_security
JTBの海外グループ会社に不正アクセス、顧客氏名やメアドが流出か
https://xtech.nikkei.com/atcl/nxt/news/18/11024/?ST=nxt_thmit_security
0 件のコメント:
コメントを投稿