2018년 11월 – 페이지 3 – 지락문화예술공작단

USN-3795-3: libssh regression

2018-11-29 KENNETH 0

USN-3795-3: libssh regression libssh regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary USN-3795-1 and USN-3795-2 introduced a regression in libssh. Software Description libssh – A tiny C SSH library Details USN-3795-1 and USN-3795-2 fixed a vulnerability in libssh. The upstream fix introduced a regression. This update fixes the problem. Original advisory details: Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 libssh-4 – 0.8.1-1ubuntu0.3 Ubuntu 18.04 LTS libssh-4 – 0.8.0~20170825.94fa1e38-1ubuntu0.2 Ubuntu 16.04 LTS libssh-4 – 0.6.3-4.3ubuntu0.2 Ubuntu 14.04 LTS libssh-4 – 0.6.1-0ubuntu3.5 To update your system, please follow [ more… ]

USN-3831-1: Ghostscript vulnerabilities

2018-11-29 KENNETH 0

USN-3831-1: Ghostscript vulnerabilities ghostscript vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Ghostscript. Software Description ghostscript – PostScript and PDF interpreter Details It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 ghostscript – 9.26~dfsg+0-0ubuntu0.18.10.1 libgs9 – 9.26~dfsg+0-0ubuntu0.18.10.1 Ubuntu 18.04 LTS ghostscript – 9.26~dfsg+0-0ubuntu0.18.04.1 libgs9 – 9.26~dfsg+0-0ubuntu0.18.04.1 Ubuntu 16.04 LTS ghostscript – 9.26~dfsg+0-0ubuntu0.16.04.1 libgs9 – 9.26~dfsg+0-0ubuntu0.16.04.1 Ubuntu 14.04 LTS ghostscript – 9.26~dfsg+0-0ubuntu0.14.04.1 libgs9 – 9.26~dfsg+0-0ubuntu0.14.04.1 To [ more… ]

RHSA-2018:3731-1: Important: rh-ruby25-ruby security, bug fix, and enhancement update

2018-11-29 KENNETH 0

RHSA-2018:3731-1: Important: rh-ruby25-ruby security, bug fix, and enhancement update Red Hat Enterprise Linux: An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780 Source: RHSA-2018:3731-1: Important: rh-ruby25-ruby security, bug fix, and enhancement update

RHSA-2018:3730-1: Important: rh-ruby24-ruby security, bug fix, and enhancement update

2018-11-29 KENNETH 0

RHSA-2018:3730-1: Important: rh-ruby24-ruby security, bug fix, and enhancement update Red Hat Enterprise Linux: An update for rh-ruby24-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780 Source: RHSA-2018:3730-1: Important: rh-ruby24-ruby security, bug fix, and enhancement update

RHSA-2018:3729-1: Important: rh-ruby23-ruby security, bug fix, and enhancement update

2018-11-29 KENNETH 0

RHSA-2018:3729-1: Important: rh-ruby23-ruby security, bug fix, and enhancement update Red Hat Enterprise Linux: An update for rh-ruby23-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780 Source: RHSA-2018:3729-1: Important: rh-ruby23-ruby security, bug fix, and enhancement update