[월:] 2016년 04월

No Image

Extending the SYS schema to show metadata locks

2016-04-06 KENNETH 0

Extending the SYS schema to show metadata locks Starting with MySQL 5.7, performance_schema has been enhanced to instrument metadata locks, and can be turned on by adding the following line to your my.cnf file: performance-schema-instrument=’wait/lock/metadata/sql/%=ON’ (At runtime, it can also be enabled by modifying the setup_instruments table in performance_schema.) From here, you can now query performance_schema.metadata_locks to reveal all currently open metadata locks on your server: mysqlselect * from performance_schema.metadata_locksG *************************** 1. … Source: Extending the SYS schema to show metadata locks

No Image

RHSA-2016:0601-1: Important: bind security update

2016-04-06 KENNETH 0

RHSA-2016:0601-1: Important: bind security update Red Hat Enterprise Linux: An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-1285, CVE-2016-1286 Source: RHSA-2016:0601-1: Important: bind security update

No Image

USN-2947-2: Linux kernel (Wily HWE) vulnerabilities

2016-04-06 KENNETH 0

USN-2947-2: Linux kernel (Wily HWE) vulnerabilities Ubuntu Security Notice USN-2947-2 6th April, 2016 linux-lts-wily vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-wily – Linux hardware enablement kernel from Wily for Trusty Details Ralf Spenneberg discovered that the usbvision driver in the Linux kerneldid not properly sanity check the interfaces and endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7833) Venkatesh Pottem discovered a use-after-free vulnerability in the Linuxkernel's CXGB3 driver. A local attacker could use this to cause a denial ofservice (system crash) or possibly execute arbitrary code. (CVE-2015-8812) Xiaofei Rex Guo discovered a timing side channel vulnerability in the LinuxExtended Verification Module (EVM). An attacker could use this to affectsystem integrity. (CVE-2016-2085) [ more… ]

No Image

USN-2947-3: Linux kernel (Raspberry Pi 2) vulnerabilities

2016-04-06 KENNETH 0

USN-2947-3: Linux kernel (Raspberry Pi 2) vulnerabilities Ubuntu Security Notice USN-2947-3 6th April, 2016 linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary Several security issues were fixed in the kernel. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Ralf Spenneberg discovered that the usbvision driver in the Linux kerneldid not properly sanity check the interfaces and endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7833) Venkatesh Pottem discovered a use-after-free vulnerability in the Linuxkernel's CXGB3 driver. A local attacker could use this to cause a denial ofservice (system crash) or possibly execute arbitrary code. (CVE-2015-8812) Xiaofei Rex Guo discovered a timing side channel vulnerability in the LinuxExtended Verification Module (EVM). An attacker could use this to affectsystem integrity. (CVE-2016-2085) It was [ more… ]