[월:] 2016년 01월

No Image

USN-2875-1: libxml2 vulnerabilities

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2875-1 19th January, 2016 libxml2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary libxml2 could be made to crash if it opened a specially crafted file. Software description libxml2 – GNOME XML library Details It was discovered that libxml2 incorrectly handled certain malformeddocuments. If a user or automated system were tricked into opening aspecially crafted document, an attacker could possibly cause libxml2 tocrash, resulting in a denial of service. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: libxml2 2.9.2+zdfsg1-4ubuntu0.3 Ubuntu 15.04: libxml2 2.9.2+dfsg1-3ubuntu0.3 Ubuntu 14.04 LTS: libxml2 2.9.1+dfsg1-3ubuntu4.7 Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.14 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your [ more… ]

The HTTP/2 Module in NGINX

2016-01-20 KENNETH 0

The following is adapted from a talk given by Valentin V. Bartenev at nginx.conf 2015, held in San Francisco in September. You can view the video presentation here. For more about HTTP/2, see our blog post, 7 Tips to Improve HTTP/2 Performance. Table of Contents What is HTTP/2 and when should we use it? This post gives a brief overview of key characeristics and benefits of this new protocol. It also explains when and how to use the HTTP/2 module in NGINX for the best performance benefit. 0:20 Overview of the Protocol 1:40 Key Features of HTTP/2 3:08 HTTP/2 Inside: Binary 4:26 HTTP/2 Inside: Multiplexing 7:09 Key Features of HTTP/2 – Header Compression 8:40 Key Features of HTTP/2 – Prioritization 10:06 History 10:16 Test Page 10:52 Test Environment 11:02 DOM Load 11:48 First Painting 12:45 Configuration 14:20 Questions and Answers [ more… ]

No Image

USN-2870-2: Linux kernel (Trusty HWE) vulnerability

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2870-2 19th January, 2016 linux-lts-trusty vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary The system could be made to crash or run programs as an administrator. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty Details Yevgeny Pats discovered that the session keyring implementation in theLinux kernel did not properly reference count when joining an existingsession keyring. A local attacker could use this to cause a denial ofservice (system crash) or possibly execute arbitrary code withadministrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: linux-image-3.13.0-76-generic 3.13.0-76.120~precise1 linux-image-3.13.0-76-generic-lpae 3.13.0-76.120~precise1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: Due to [ more… ]

No Image

USN-2870-1: Linux kernel vulnerability

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2870-1 19th January, 2016 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary The system could be made to crash or run programs as an administrator. Software description linux – Linux kernel Details Yevgeny Pats discovered that the session keyring implementation in theLinux kernel did not properly reference count when joining an existingsession keyring. A local attacker could use this to cause a denial ofservice (system crash) or possibly execute arbitrary code withadministrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: linux-image-3.13.0-76-generic-lpae 3.13.0-76.120 linux-image-3.13.0-76-lowlatency 3.13.0-76.120 linux-image-3.13.0-76-powerpc-e500mc 3.13.0-76.120 linux-image-3.13.0-76-powerpc-smp 3.13.0-76.120 linux-image-3.13.0-76-powerpc64-smp 3.13.0-76.120 linux-image-3.13.0-76-powerpc-e500 3.13.0-76.120 linux-image-3.13.0-76-generic 3.13.0-76.120 linux-image-3.13.0-76-powerpc64-emb 3.13.0-76.120 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer [ more… ]

No Image

USN-2871-1: Linux kernel vulnerability

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2871-1 19th January, 2016 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.04 Summary The system could be made to crash or run programs as an administrator. Software description linux – Linux kernel Details Yevgeny Pats discovered that the session keyring implementation in theLinux kernel did not properly reference count when joining an existingsession keyring. A local attacker could use this to cause a denial ofservice (system crash) or possibly execute arbitrary code withadministrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.04: linux-image-3.19.0-47-powerpc-e500mc 3.19.0-47.53 linux-image-3.19.0-47-powerpc64-emb 3.19.0-47.53 linux-image-3.19.0-47-powerpc-smp 3.19.0-47.53 linux-image-3.19.0-47-powerpc64-smp 3.19.0-47.53 linux-image-3.19.0-47-lowlatency 3.19.0-47.53 linux-image-3.19.0-47-generic 3.19.0-47.53 linux-image-3.19.0-47-generic-lpae 3.19.0-47.53 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary [ more… ]