[월:] 2019년 08월

No Image

USN-4097-1: PHP vulnerabilities

2019-08-14 KENNETH 0

USN-4097-1: PHP vulnerabilities php7.0, php7.2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary PHP could be made to crash or execute arbitrary code if it received specially crafted image. Software Description php7.2 – HTML-embedded scripting language interpreter php7.0 – HTML-embedded scripting language interpreter Details It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 libapache2-mod-php7.2 – 7.2.19-0ubuntu0.19.04.2 php7.2-cgi – 7.2.19-0ubuntu0.19.04.2 php7.2-cli – 7.2.19-0ubuntu0.19.04.2 php7.2-fpm – 7.2.19-0ubuntu0.19.04.2 php7.2-xmlrpc – 7.2.19-0ubuntu0.19.04.2 Ubuntu 18.04 LTS libapache2-mod-php7.2 – 7.2.19-0ubuntu0.18.04.2 php7.2-cgi – 7.2.19-0ubuntu0.18.04.2 php7.2-cli – 7.2.19-0ubuntu0.18.04.2 php7.2-fpm – 7.2.19-0ubuntu0.18.04.2 php7.2-xmlrpc – 7.2.19-0ubuntu0.18.04.2 Ubuntu 16.04 LTS libapache2-mod-php7.0 [ more… ]

[도서] [예약판매] 블러드본 아트웍스

2019-08-14 KENNETH 0

[도서] [예약판매] 블러드본 아트웍스 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서][예약판매] 블러드본 아트웍스 소니인터렉티브엔터테인먼트,프롬소프트웨어 저/편집부 역 | 비엘북스 | 2019년 08월 판매가 31,500원 (10%할인) | YES포인트 1,750원(5%지급) [블러드본(Bloodborne)]은 저주받은 어둠의 도시 야남에서 벌어지는 액션 롤플레잉 게임이다. [아머드 코어], [다크소울] 시리즈로 유명한 프롬소프트웨어에서 개발되어 소니 인터렉티브 엔터테인먼트의 PS4 독점작 Source: [도서] [예약판매] 블러드본 아트웍스

No Image

NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

2019-08-14 KENNETH 0

NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities Today we are releasing updates to NGINX Open Source and NGINX Plus in response to the vulnerabilities recently discovered in the HTTP/2 protocol. We strongly recommend upgrading all systems that have HTTP/2 enabled. In May 2019, researchers at Netflix discovered a number of security vulnerabilities in several HTTP/2 server implementations. These were responsibly reported to each of the vendors and maintainers concerned. NGINX was vulnerable to three attack vectors, as detailed in the following CVEs: CVE-2019-9511 (Data dribble) CVE-2019-9513 (Resource loop) CVE-2019-9516 (Zero‑length headers leak) We have addressed these vulnerabilities, and added other HTTP/2 security safeguards, in the following NGINX versions: NGINX 1.16.1 (stable) NGINX 1.17.3 (mainline) NGINX Plus R18 P1 The post NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities appeared first on NGINX. Source: NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

No Image

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

2019-08-14 KENNETH 0

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction. The affected … Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) Read More » Source: Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

No Image

August 2019 Security Updates

2019-08-14 KENNETH 0

August 2019 Security Updates We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of … August 2019 Security Updates Read More » Source: August 2019 Security Updates