[월:] 2020년 04월

No Image

USN-4333-2: Python vulnerabilities

2020-04-30 KENNETH 0

USN-4333-2: Python vulnerabilities python3.8 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Summary Several security issues were fixed in Python. Software Description python3.8 – Interactive high-level object-oriented language (version 3.8) Details USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-18348) It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8492) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS python3.8 – 3.8.2-1ubuntu1.1 python3.8-minimal – 3.8.2-1ubuntu1.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a [ more… ]

AWS Glue를 활용한 서버리스 스트리밍 ETL 기능 출시

2020-04-30 KENNETH 0

AWS Glue를 활용한 서버리스 스트리밍 ETL 기능 출시 데이터를 분석할 때, 가장 먼저 취하는 방법은 일괄(Batch) 처리 모델입니다. 일정 기간 동안 데이터를 수집한 다음, 분석 도구에 넣는 것입니다. 신속히 대응하려면 스트리밍(Streaming) 모델을 사용할 수 있습니다. 이 모델에서는 데이터가 도착하는 대로 처리하거나, 한 번에 레코드 하나씩 처리하거나, 10개, 100개, 1,000개 단위의 마이크로 배치로 레코드를 처리합니다. 연속적인 입력 파이프라인을 관리하고 즉석에서 데이터를 처리하는 작업은 상당히 복잡한데, 그 이유는 관리와 패치, 확장이 필요하고 전반적으로 돌봐야 하는 상시 가동 시스템이기 때문입니다. 오늘부터 Apache Spark에 기반하여 확장하여 스트리밍 플랫폼(예: Amazon Kinesis Data Streams, Apache Kafka(완전관리형 Amazon MSK 포함))에서 데이터를 연속적으로 실행하고 사용함으로써 이 작업이 더욱 간편해지고 비용이 절감할 수 있게 됩니다. AWS Glue가 Amazon S3의 데이터 레이크, Amazon Redshift의 데이터 웨어하우스 또는 다른 데이터 스토어에 입력하는 데 필요한 인프라를 프로비저닝, 관리 및 확장할 수 있습니다. 예를 들어 DynamoDB 테이블에 스트리밍 데이터를 저장하여 빠르게 조회하거나, Elasticsearch에 [ more… ]

No Image

WordPress 5.4.1

2020-04-30 KENNETH 0

WordPress 5.4.1 WordPress 5.4.1 is now available! This security and maintenance release features 17 bug fixes in addition to 7 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 5.4.1 is a short-cycle security and maintenance release. The next major release will be version 5.5. You can download WordPress 5.4.1 by downloading from WordPress.org, or visit your Dashboard → Updates and click Update Now. If you have sites that support automatic background updates, they’ve already started the update process. Security Updates Seven security issues affect WordPress versions 5.4 and earlier. If you haven’t yet updated to 5.4, all WordPress versions since 3.7 have also been updated to fix the following security issues: Props to Muaz Bin Abdus Sattar and Jannes who both [ more… ]

Announcing Windows 10 Insider Preview Build 19619

2020-04-30 KENNETH 0

Announcing Windows 10 Insider Preview Build 19619 Hello Windows Insiders, today we’re releasing Windows 10 Insider Preview Build 19619.1000 to Windows Insiders in the Fast ring. You can check out our Windows Insider Program documentation here, including a list of all the new features and updates released in builds so far. Not seeing any of the features in this build? Check your Windows Insider Settings to make sure you’re on the Fast ring. Submit feedback here to let us know if things weren’t working the way you expected. If you want a complete look at what build is in which Insider ring, head over to Flight Hub. Please note, there will be a slight delay between when a build is flighted and when Flight Hub is updated. Other updates for Insiders Easy access to COVID-19 info in your search box [ more… ]

No Image

USN-4341-2: Samba vulnerability

2020-04-30 KENNETH 0

USN-4341-2: Samba vulnerability samba vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Summary Samba could be made to consume resources if it received a specially crafted LDAP query. Software Description samba – SMB/CIFS file, print, and login server for Unix Details USN-4341-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. (CVE-2020-10704) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM samba – 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm6 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary [ more… ]