[월:] 2018년 11월

No Image

USN-3817-2: Python vulnerabilities

2018-11-15 KENNETH 0

USN-3817-2: Python vulnerabilities python2.7 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary Several security issues were fixed in Python. Software Description python2.7 – An interactive high-level object-oriented language Details USN-3817-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000030) It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000802) It was discovered that Python incorrectly used regular expressions vulnerable to [ more… ]

No Image

Importing Data from MongoDB to MySQL using Python

2018-11-15 KENNETH 0

Importing Data from MongoDB to MySQL using Python MySQL Shell 8.0.13 (GA) introduced a new feature to allow you to easily import JSON documents to MySQL. The basics of this new feature were described in a previous blog post. In this blog we we will provide more details about this feature, focusing on a practical use case of interest for to many: How to import JSON data from MongoDB to MySQL.… Source: Importing Data from MongoDB to MySQL using Python

No Image

MySQL 8.0.13: Change Current Password Policy

2018-11-15 KENNETH 0

MySQL 8.0.13: Change Current Password Policy We have introduced a new policy for you to enforce on your non-privileged users. It requires their current password at the time they set a new password. It is optional and off by default. You can control it globally (for all non-privileged users) or on a per-user basis.… Source: MySQL 8.0.13: Change Current Password Policy

No Image

USN-3823-1: Linux kernel vulnerabilities

2018-11-15 KENNETH 0

USN-3823-1: Linux kernel vulnerabilities linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary Several security issues were mitigated in the Linux kernel. Software Description linux – Linux kernel Details It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646) It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault [ more… ]

No Image

USN-3822-2: Linux kernel (Trusty HWE) vulnerabilities

2018-11-15 KENNETH 0

USN-3822-2: Linux kernel (Trusty HWE) vulnerabilities linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary Several security issues were fixed in the Linux kernel. Software Description linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise ESM Details USN-3822-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash). (CVE-2016-9588) It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker [ more… ]