[월:] 2017년 03월

No Image

USN-3233-1: Thunderbird vulnerabilities

2017-03-25 KENNETH 0

USN-3233-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-3233-1 24th March, 2017 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Thunderbird. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user weretricked in to opening a specially crafted website in a browsing context,an attacker could potentially exploit these to bypass same originrestrictions, obtain sensitive information, cause a denial of service viaapplication crash or hang, or execute arbitrary code. (CVE-2017-5398,CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405,CVE-2017-5407, CVE-2017-5408, CVE-2017-5410) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: thunderbird 1:45.8.0+build1-0ubuntu0.16.10.1 Ubuntu 16.04 LTS: thunderbird 1:45.8.0+build1-0ubuntu0.16.04.1 Ubuntu 14.04 LTS: thunderbird 1:45.8.0+build1-0ubuntu0.14.04.1 Ubuntu 12.04 [ more… ]

How the UWP Community Toolkit helps Windows developers easily create well-designed and user-friendly apps

2017-03-25 KENNETH 0

How the UWP Community Toolkit helps Windows developers easily create well-designed and user-friendly apps In August 2016, we introduced the open-source UWP Community Toolkit. It simplifies app development and enables developers to collaborate and contribute new capabilities on top of the Windows SDK for Windows 10. Developers can leverage the UWP Community Toolkit to build UWP apps for any Windows 10 device, including PC, mobile, Xbox, the Internet of Things and Hololens. We recently caught up with two developers who have used the toolkit to help create their apps. Hermit Dave developed the Daily Mail Online app for Windows. It’s the official Windows app for the Daily Mail, a British newspaper. David Bottiau is a member of the Github organization, UWP Squad. He developed a Windows 10 app for TVShow Time, a site that helps you track your favorite TV [ more… ]

CSS Custom Properties in Microsoft Edge

2017-03-25 KENNETH 0

CSS Custom Properties in Microsoft Edge Beginning with EdgeHTML 15 in the Windows 10 Creators Update, Microsoft Edge introduces support for CSS Custom Properties, a new primitive value type to fully cascade variables across CSS properties. You can preview CSS Custom Properties in Windows Insider Preview builds beginning with EdgeHTML 15.15061. Check out our Custom Properties Pooch demo to see them in action! Check out our Custom Properties Pooch demo to see CSS Custom Properties in action! What are CSS Custom Properties? SASS/LESS and other pre-processors have been offering variables in CSS for years, which is one of the reasons why, in an informal poll, ~75% of polled web developers incorporate these tools in their day to day workflow. However, the biggest downfall of these tools is that they are effectively a “find & replace” of the specified value. This [ more… ]

No Image

USN-3239-3: GNU C Library regression

2017-03-24 KENNETH 0

USN-3239-3: GNU C Library regression Ubuntu Security Notice USN-3239-3 24th March, 2017 eglibc regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary USN-3239-1 introduced a regression in the GNU C Library. Software description eglibc – GNU C Library Details USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately,the fix for CVE-2016-3706 introduced a regression that in somecircumstances prevented IPv6 addresses from resolving. This updatereverts the change in Ubuntu 12.04 LTS. We apologize for the error. Original advisory details: It was discovered that the GNU C Library incorrectly handled the strxfrm() function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982) It was discovered that an integer overflow existed in the _IO_wstr_overflow() function of [ more… ]