No Image

RHBA-2018:0261-1: Red Hat Certification bug fix and enhancement update

2018-02-01 KENNETH 0

RHBA-2018:0261-1: Red Hat Certification bug fix and enhancement update Red Hat Enterprise Linux: An updated redhat-certification package that fixes several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Source: RHBA-2018:0261-1: Red Hat Certification bug fix and enhancement update

No Image

Amazon EC2 인스턴스 내부 네트워크 대역폭 상향

2018-02-01 KENNETH 0

Amazon EC2 인스턴스 내부 네트워크 대역폭 상향 2016년 중반에 출시한  ENA(Elastic Network Adapter)를 여러분의 EC2 인스턴스에 사용하고 있을 것으로 생각합니다. ENA는 높은 데이터 처리량과 낮은 지연 시간을 제공하는 동시에 호스트 프로세서의 부하를 최소화 하는 가상 네트워크 인터페이스입니다. 복수의 전송 및 수신 대기열이 지원하는 지능적인 패킷 라우팅이 가능한 ENA는 여러 vCPU가 존재하는 환경에서 이상적으로 작동하도록 설계되었습니다. 오늘 부터 모든 AWS 리전에서 ENA를 사용하여 내부 네트워크를 활용하는 경우, 더 많은 대역폭에 대한 액세스를 제공합니다. 다음은 구체적인 제공 내역입니다(각 경우, 실제 대역폭은 인스턴스 유형과 크기에 따라 달라짐). EC2 대 S3 – Amazon Simple Storage Service(S3)는 이제 최대 25Gbps의 대역폭을 활용할 수 있습니다. 이전에는 이 유형의 트래픽이 5Gbps의 대역폭을 이용할 수 있었습니다. 이 변화는 S3에서 대량의 데이터를 액세스하거나 백업 또는 복원을 위해 S3을 활용하는 애플리케이션에 혜택을 제공합니다. EC2 대 EC2 – 한 리전 내의 동일한 가용 영역 또는 다른 가용 영역에 있는 EC2 인스턴스와 [ more… ]

No Image

USN-3554-1: curl vulnerabilities

2018-02-01 KENNETH 0

USN-3554-1: curl vulnerabilities Ubuntu Security Notice USN-3554-1 31st January, 2018 curl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in curl. Software description curl – HTTP, HTTPS, and FTP client and client libraries Details It was discovered that curl incorrectly handled certain data. An attackercould possibly use this to cause a denial of service or even to get accessto sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. It was discovered that curl could accidentally leak authentication data.An attacker could possibly use this to get access to sensitive information.(CVE-2018-1000007) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: libcurl3-nss 7.55.1-1ubuntu2.3 curl 7.55.1-1ubuntu2.3 libcurl3-gnutls 7.55.1-1ubuntu2.3 libcurl3 7.55.1-1ubuntu2.3 Ubuntu 16.04 LTS: libcurl3-nss [ more… ]

No Image

USN-3554-2: curl vulnerability

2018-02-01 KENNETH 0

USN-3554-2: curl vulnerability Ubuntu Security Notice USN-3554-2 31st January, 2018 curl vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary curl could be made to expose sensitive information. Software description curl – HTTP, HTTPS, and FTP client and client libraries Details USN-3554-1 fixed vulnerabilities in curl. This updateprovides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that curl could accidentally leak authentication data. An attacker could possibly use this to get access to sensitive information. (CVE-2018-1000007) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: libcurl3-nss 7.22.0-3ubuntu4.20 curl 7.22.0-3ubuntu4.20 libcurl3-gnutls 7.22.0-3ubuntu4.20 libcurl3 7.22.0-3ubuntu4.20 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2018-1000007 Source: USN-3554-2: [ more… ]

No Image

USN-3552-1: Firefox vulnerability

2018-02-01 KENNETH 0

USN-3552-1: Firefox vulnerability Ubuntu Security Notice USN-3552-1 31st January, 2018 firefox vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Firefox could be made to run programs as your login if it opened a malicious website. Software description firefox – Mozilla Open Source web browser Details Johann Hofmann discovered that HTML fragments created forchrome-privileged documents were not properly sanitized. An attackercould exploit this to execute arbitrary code. (CVE-2018-5124) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: firefox 58.0.1+build1-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: firefox 58.0.1+build1-0ubuntu0.16.04.1 Ubuntu 14.04 LTS: firefox 58.0.1+build1-0ubuntu0.14.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart Firefox to makeall the necessary changes. References CVE-2018-5124 Source: USN-3552-1: Firefox vulnerability