2026年7月16日木曜日

16日 木曜日、友引

+ RHSA-2026:39893 Important: python3.12 security update
https://access.redhat.com/errata/RHSA-2026:39893
CVE-2026-15308

+ RHSA-2026:39868 Important: nodejs:24 security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2026:39868
CVE-2026-6733
CVE-2026-6734
CVE-2026-9678
CVE-2026-9697
CVE-2026-11525
CVE-2026-12151
CVE-2026-42338
CVE-2026-48615
CVE-2026-48618
CVE-2026-48619
CVE-2026-48928
CVE-2026-48930
CVE-2026-48933
CVE-2026-48934
CVE-2026-48935

+ RHSA-2026:39575 Important: cifs-utils security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2026:39575
CVE-2026-12505

+ RHSA-2026:40416 Low: php:8.2 security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2026:40416
CVE-2026-14355

+ RHSA-2026:39879 Important: rhc security update
https://access.redhat.com/errata/RHSA-2026:39879
CVE-2026-27145
CVE-2026-39821

+ RHSA-2026:39810 Important: Red Hat OpenStack Services on OpenShift 18.0 (golang-github-openstack-k8s-operators-os-diff) security update
https://access.redhat.com/errata/RHSA-2026:39810
CVE-2025-61726
CVE-2025-61729
CVE-2026-25679
CVE-2026-27137
CVE-2026-32280
CVE-2026-32281
CVE-2026-32282
CVE-2026-32283
CVE-2026-33810
CVE-2026-33811

+ RHSA-2026:39798 Important: python3.9 security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2026:39798
CVE-2026-15308

+ RHSA-2026:39771 Important: python3.12 security update
https://access.redhat.com/errata/RHSA-2026:39771
CVE-2026-15308

+ RHSA-2026:39576 Important: cifs-utils security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2026:39576
CVE-2026-12505

+ Google Chrome 151.0.7922.34/.35 released
https://chromereleases.googleblog.com/2026/07/early-stable-update-for-desktop.html

+ Mozilla Firefox 152.0.6 released
https://www.firefox.com/en-US/firefox/152.0.6/releasenotes/

+ nginx 1.31.3. 1.30.4 released
https://nginx.org/en/CHANGES
https://nginx.org/en/CHANGES-1.30

+ K000162097: NGINX map directive and regex matching vulnerability CVE-2026-42533
https://my.f5.com/manage/s/article/K000162097
CVE-2026-42533

+ K000162100: NGINX ngx_http_slice_module vulnerability CVE-2026-60005
https://my.f5.com/manage/s/article/K000162100
CVE-2026-60005

+ K000162098: NGINX ngx_http_ssi_module vulnerability CVE-2026-56434
https://my.f5.com/manage/s/article/K000162098
CVE-2026-56434

+ Apache PDFBox 2.0.37 released
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&version=12356771

VU#529388 Privilege escalation vulnerability via unprotected IOCTL interface in Pegatron Tdelo64.sys
https://www.kb.cert.org/vuls/id/529388

VU#725167 node-forge Signature Forgery Vulnerabilities in RSA-PKCS and ED25519 Implementations
https://www.kb.cert.org/vuls/id/725167

基礎から分かる、AIエージェントのセキュリティー設計 第2回
AIエージェントのID管理に4つの課題、過剰な権限を持たせず「小さく」設計
https://xtech.nikkei.com/atcl/nxt/column/18/03687/071000002/?ST=nxt_thmit_security

ニュース解説
ニチレイ不正アクセス「東西両センターで障害」、井村屋は15日分納品を中止
https://xtech.nikkei.com/atcl/nxt/column/18/00001/11899/?ST=nxt_thmit_security

JVN#59875262 HYPER SBI 2のインストーラにおけるDLL読み込みに関する脆弱性
https://jvn.jp/jp/JVN59875262/index.html

JVNVU#91295052 Siemens製品に対するアップデート(2026年7月)
https://jvn.jp/vu/JVNVU91295052/index.html

JVNVU#91675472 CISA ICS Advisory / ICS Medical Advisory(2026年07月14日)
https://jvn.jp/vu/JVNVU91675472/index.html

0 件のコメント:

コメントを投稿