[월:] 2016년 09월

No Image

USN-3079-1: WebKitGTK+ vulnerabilities

2016-09-14 KENNETH 0

USN-3079-1: WebKitGTK+ vulnerabilities Ubuntu Security Notice USN-3079-1 14th September, 2016 webkit2gtk vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software description webkit2gtk – JavaScript engine library from WebKitGTK+ – GObject introspection Details A large number of security issues were discovered in the WebKitGTK+ Web andJavaScript engines. If a user were tricked into viewing a maliciouswebsite, a remote attacker could exploit a variety of issues related to webbrowser security, including cross-site scripting attacks, denial of serviceattacks, and arbitrary code execution. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: libwebkit2gtk-4.0-37 2.12.5-0ubuntu0.16.04.1 libjavascriptcoregtk-4.0-18 2.12.5-0ubuntu0.16.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a new upstream release, which includes additional bugfixes. After a standard [ more… ]

No Image

RHBA-2016:1866-1: Satellite 5.6 bug fix update

2016-09-14 KENNETH 0

RHBA-2016:1866-1: Satellite 5.6 bug fix update RHN Satellite and Proxy: Updated spacewalk-utils, spacewalk-java, spacewalk-schema, spacewalk-backend packages that fix four bugs are now available for Red Hat Satellite 5.6. Source: RHBA-2016:1866-1: Satellite 5.6 bug fix update

No Image

MySQL 8.0: Now documented with Doxygen!

2016-09-14 KENNETH 0

MySQL 8.0: Now documented with Doxygen! Starting with MySQL release 8.0.0, the source code is now commented using the Doxygen documentation generation tool. This project is long overdue … it has been a very well-worn issue, or an ever recurring wish, for the last 10 years. Well, not any more.… Source: MySQL 8.0: Now documented with Doxygen!

No Image

RHSA-2016:1865-1: Critical: flash-plugin security update

2016-09-14 KENNETH 0

RHSA-2016:1865-1: Critical: flash-plugin security update Red Hat Enterprise Linux: An update for flash-plugin is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-4271, CVE-2016-4272, CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4277, CVE-2016-4278, CVE-2016-4279, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-4287, CVE-2016-6921, CVE-2016-6922, CVE-2016-6923, CVE-2016-6924, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, CVE-2016-6932 Source: RHSA-2016:1865-1: Critical: flash-plugin security update

No Image

MS 9월 보안 위협에 따른 정기 보안 업데이트 권고

2016-09-14 KENNETH 0

원문 : http://krcert.or.kr/data/secNoticeView.do?bulletin_writing_sequence=24564   o 발표일 : 2016.9.14.(수) o 등급 : 긴급(Critical) 7종, 중요(Important) 7종 o 업데이트 내용 패치번호 KB번호 중요도 발생 위치 영향 MS16-104 KB3183038 긴급 Windows, Internet Explorer 원격코드실행 MS16-105 KB3183043 긴급 Windows, Edge 원격코드실행 MS16-106 KB3185848 긴급 Windows 원격코드실행 MS16-107 KB3185852 긴급 Office, Office Services 등 원격코드실행 MS16-108 KB3185883 긴급 Exchange 원격코드실행 MS16-109 KB3182373 중요 Windows 원격코드실행 MS16-110 KB3178467 중요 Windows 원격코드실행 MS16-111 KB3186973 중요 Windows 권한 상승 MS16-112 KB3178469 중요 Windows 권한 상승 MS16-113 KB3185876 중요 Windows 정보 노출 MS16-114 KB3185879 중요 Windows 원격코드실행 MS16-115 KB3188733 중요 Windows 정보 노출 MS16-116 KB3188724 긴급 Windows 원격코드실행 MS16-117 KB3188128 긴급 Windows, Adobe Flash Player 원격코드실행 [MS16-104] Internet Explorer 누적 보안 업데이트 □ 설명 o 이용자가 특수하게 제작된 악성 웹페이지를 방문하는 경우, 원격 코드 실행을 허용하는 취약점 o 관련취약점 : – 다중 메모리 손상 취약점(CVE-2016-3247, 3295, 3297, 3324, 3375) – [ more… ]