17日 木曜日、大安

+ Some customers can't create team-managed projects

https://jira-service-management.status.atlassian.com/incidents/x7f0xb107dqq

+ RHSA-2024:8117 Moderate: java-1.8.0-openjdk security update

https://access.redhat.com/errata/RHSA-2024:8117

CVE-2023-48161

CVE-2024-21208

CVE-2024-21210

CVE-2024-21217

CVE-2024-21235

+ RHSA-2024:8124 Moderate: java-17-openjdk security update

https://access.redhat.com/errata/RHSA-2024:8124

CVE-2023-48161

CVE-2024-21208

CVE-2024-21210

CVE-2024-21217

CVE-2024-21235

+ RHSA-2024:8127 Moderate: java-21-openjdk security update

https://access.redhat.com/errata/RHSA-2024:8127

CVE-2023-48161

CVE-2024-21208

CVE-2024-21210

CVE-2024-21217

CVE-2024-21235

+ RHSA-2024:8121 Moderate: java-11-openjdk security update

https://access.redhat.com/errata/RHSA-2024:8121

CVE-2023-48161

CVE-2024-21208

CVE-2024-21210

CVE-2024-21217

CVE-2024-21235

+ RHSA-2024:8180 Important: webkit2gtk3 security update

https://access.redhat.com/errata/RHSA-2024:8180

CVE-2024-23271

CVE-2024-27820

CVE-2024-27838

CVE-2024-27851

CVE-2024-40776

CVE-2024-40779

CVE-2024-40780

CVE-2024-40782

CVE-2024-40789

CVE-2024-40866

CVE-2024-44187

+ RHSA-2024:8162 Moderate: kernel security update

https://access.redhat.com/errata/RHSA-2024:8162

CVE-2021-47385

CVE-2023-28746

CVE-2023-52658

CVE-2024-27403

CVE-2024-35989

CVE-2024-36889

CVE-2024-36978

CVE-2024-38556

CVE-2024-39483

CVE-2024-39502

CVE-2024-40959

CVE-2024-42079

CVE-2024-42272

CVE-2024-42284

+ Mozilla Thunderbird 128.3.2 released

https://www.thunderbird.net/en-US/thunderbird/128.3.2esr/releasenotes/

+ ISC BIND 9.20.3, 9.18.31 released

https://downloads.isc.org/isc/bind9/9.20.3/doc/arm/html/notes.html

https://downloads.isc.org/isc/bind9/9.18.31/doc/arm/html/notes.html

+ OpenSSL Security Advisory [16th October 2024]

https://openssl-library.org/news/secadv/20241016.txt

CVE-2024-9143

複雑化する暗号の「2030年問題」

第2回

量子コンピューターに強い「PQC」暗号、標準化完了も即移行が難しい理由

https://xtech.nikkei.com/atcl/nxt/column/18/02976/100900002/?ST=nxt_thmit_security

JVNVU#92054409 三菱電機製数値制御装置における数値の入力に対する不適切な検証

https://jvn.jp/vu/JVNVU92054409/index.html

JVN#78356367 複数のNTT東日本製ホームゲートウェイ/ひかり電話ルータにおけるアクセス制限不備の脆弱性

https://jvn.jp/jp/JVN78356367/index.html