[월:] 2017년 02월

No Image

USN-3194-1: OpenJDK 7 vulnerabilities

2017-02-09 KENNETH 0

USN-3194-1: OpenJDK 7 vulnerabilities Ubuntu Security Notice USN-3194-1 8th February, 2017 openjdk-7 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in OpenJDK 7. Software description openjdk-7 – Open Source Java implementation Details Karthik Bhargavan and Gaetan Leurent discovered that the DES andTriple DES ciphers were vulnerable to birthday attacks. A remoteattacker could possibly use this flaw to obtain clear text data fromlong encrypted sessions. This update moves those algorithms to thelegacy algorithm set and causes them to be used only if no non-legacyalgorithms can be negotiated. (CVE-2016-2183) It was discovered that OpenJDK accepted ECSDA signatures usingnon-canonical DER encoding. An attacker could use this to modify orexpose sensitive data. (CVE-2016-5546) It was discovered that OpenJDK did not properly verify objectidentifier (OID) length when reading Distinguished [ more… ]

Get Smart: Operational Intelligence for NGINX and NGINX Plus With Splunk Enterprise

2017-02-09 KENNETH 0

Get Smart: Operational Intelligence for NGINX and NGINX Plus With Splunk Enterprise Splunk® Enterprise is data collection and analysis software that makes it simple to act on the untapped value of the big data generated by your technology infrastructure, security systems, and business applications – giving you the insights to drive operational performance and business results. NGINX, Inc. and Splunk have teamed up to offer the Splunk Add‑On for NGINX and NGINX Plus, which assists with indexing both NGINX log data and NGINX Plus API data, so you can glean valuable information about your NGINX or NGINX Plus deployment and the applications running within your infrastructure. This blog provides step‑by‑step instructions for downloading and configuring the Add‑On, including the following topics: Installing the Splunk Add‑On for NGINX and NGINX Plus Installing the Splunk universal forwarder Configuring logging for NGINX and NGINX Plus Enabling the Splunk Add‑On to [ more… ]

No Image

USN-3180-1: Oxide vulnerabilities

2017-02-09 KENNETH 0

USN-3180-1: Oxide vulnerabilities Ubuntu Security Notice USN-3180-1 8th February, 2017 oxide-qt vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Oxide. Software description oxide-qt – Web browser engine for Qt (QML plugin) Details Multiple vulnerabilities were discovered in Chromium. If a user weretricked in to opening a specially crafted website, an attacker couldpotentially exploit these to conduct cross-site scripting (XSS) attacks,read uninitialized memory, obtain sensitive information, spoof thewebview URL or other UI components, bypass same origin restrictions orother security restrictions, cause a denial of service via applicationcrash, or execute arbitrary code. (CVE-2017-5006, CVE-2017-5007,CVE-2017-5008, CVE-2017-5009, CVE-2017-5010, CVE-2017-5011, CVE-2017-5012,CVE-2017-5014, CVE-2017-5017, CVE-2017-5019, CVE-2017-5022, CVE-2017-5023,CVE-2017-5024, CVE-2017-5025, CVE-2017-5026) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: liboxideqtcore0 [ more… ]

MARS future looking sweeter with Microsoft technology

2017-02-09 KENNETH 0

MARS future looking sweeter with Microsoft technology Whether it’s grabbing gum at checkout, satisfying late-afternoon hunger with a Milky Way ®, or even buying pet food for that unconditional loving best friend, we’ve all been surrounded by MARS products and might not even know it! As a century-old family-owned business, MARS has certainly found its recipe for success. The company has made $35 billion in global sales by putting people first in everything they do. With 60 brands across six segments from food, drinks, chocolate, confectionary (gum), pet care and symbioscience, the company is more than just sweet treats. MARS understands a long-term vision that is committed to product, technology and workplace innovation based on the company’s Five Principles– Quality, Responsibility, Mutuality, Efficiency and Freedom. MARS has long valued a workplace that encourages mutuality and open communication among all Associates. [ more… ]

어느 소년의 승룡권

2017-02-09 KENNETH 0

  1990년대 초반, 전국의 게이머들을 휘감아버린 하나의 선풍이 있었다. 이제는 전설로 남은 이름 ’스트리트 파이터2’. 그 선풍에 휘말린 수많은 사람 가운데 어느 열혈 격투소년이 있었다. 소년의 사용케릭터는 류. 하얀 도복에 검은 띠를 매고 호쾌한 기술을 날리는 류가 소년의 눈에는 자신의 이상으로 비쳤었나보다.   초기의 류에겐 ’파동권’, ’용권선풍각’, ’승룡권’이라는 3가지 필살기가 있었는데, 그중에서도 소년이 가장 좋아한 기술은 승룡권이었다. ’어-류겐!’이라는 호쾌한 기합소리와 함께 상대에게 어퍼를 날리며 하늘 높이 올라가는 모습은 그야말로 필살. 위력은 전작인 1에서 대폭 하향 조정 되었지만, 그 호쾌한 몸동작과 기합소리, 기술이 발동된 순간부터는 상대의 어떠한 공격도 완전히 무시해버린다는 무적시간의 존재를 통해 승룡권은 소년의 마음을 사로잡아버린 것이다.   소년이 쓰는 승룡권은 언제나 强이었다. 물론 弱으로 하는 것이 여러 가지 면에서 이점이 많다는 것쯤은 알고 있었다. 착지시 생기는 강승룡권의 헛점때문에 대전에서 아깝게 패하는 경우도 많았다. 주위로부터 바보스럽다는 핀잔을 들을 때마다 소년은 말했다. ”단순히 이기기 위해서 승룡권을 약으로 쓰는 것은 용납할 수 [ more… ]