[월:] 2019년 02월

No Image

USN-3881-1: Dovecot vulnerability

2019-02-05 KENNETH 0

USN-3881-1: Dovecot vulnerability dovecot vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Dovecot could be made to expose sensitive information over the network. Software Description dovecot – IMAP and POP3 email server Details It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 dovecot-core – 1:2.3.2.1-1ubuntu3.1 Ubuntu 18.04 LTS dovecot-core – 1:2.2.33.2-1ubuntu4.2 Ubuntu 16.04 LTS dovecot-core – 1:2.2.22-1ubuntu2.9 Ubuntu 14.04 LTS dovecot-core – 1:2.2.9-1ubuntu2.5 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary [ more… ]

No Image

What is LOAD DATA and how does it work

2019-02-05 KENNETH 0

What is LOAD DATA and how does it work I would like to highlight a less known MySQL SQL command, analyze how it works and understand some of the decisions that need to be made when using it. Let’s start with the basics: The Reference Manual. It does have a lot to say about LOAD DATA.… Source: What is LOAD DATA and how does it work

No Image

RHSA-2019:0275-1: Important: rh-haproxy18-haproxy security update

2019-02-05 KENNETH 0

RHSA-2019:0275-1: Important: rh-haproxy18-haproxy security update Red Hat Enterprise Linux: An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-20615 Source: RHSA-2019:0275-1: Important: rh-haproxy18-haproxy security update

No Image

RHSA-2019:0271-1: Important: systemd security update

2019-02-05 KENNETH 0

RHSA-2019:0271-1: Important: systemd security update Red Hat Enterprise Linux: An update for systemd is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-16864, CVE-2018-16865 Source: RHSA-2019:0271-1: Important: systemd security update

No Image

USN-3880-2: Linux kernel (Trusty HWE) vulnerabilities

2019-02-05 KENNETH 0

USN-3880-2: Linux kernel (Trusty HWE) vulnerabilities linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary Several security issues were fixed in the Linux kernel. Software Description linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise ESM Details USN-3880-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service (client system crash). (CVE-2018-1066) Jann Horn discovered that the procfs file system implementation in the Linux kernel did [ more… ]