No Image

USN-4323-1: Firefox vulnerabilities

2020-04-08 KENNETH 0

USN-4323-1: Firefox vulnerabilities firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Firefox could be made to crash or run programs as your login if it opened a malicious website. Software Description firefox – Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6821, CVE-2020-6822, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826) It was discovered that extensions could obtain auth codes from OAuth login flows in some circumstances. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain access to the user’s account. (CVE-2020-6823) Update instructions [ more… ]

[도서] 스윗한 SwiftUI

2020-04-07 KENNETH 0

[도서] 스윗한 SwiftUI 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]스윗한 SwiftUI 이봉원 저 | 비제이퍼블릭(BJ퍼블릭) | 2020년 04월 판매가 28,800원 (10%할인) | YES포인트 1,600원(5%지급) 이벤트 : IT모바일 예약판매 이벤트 더 우수한 앱을 더 적은 코드로! SwiftUI를 활용한 스마트한 iOS 앱 개발 길라잡이 애플이 UIKit를 지원하기 시작한 지 11년, 그리고 Swift를 발표한 지 5년 만에 드디어 Swift를 기반으로 처음부터 완전히 새로 Source: [도서] 스윗한 SwiftUI

No Image

Announcing NGINX Plus R21

2020-04-07 KENNETH 0

Announcing NGINX Plus R21 We are pleased to announce that NGINX Plus Release 21 (R21) is now available. Based on NGINX Open Source, NGINX Plus is the only all-in-one load balancer, content cache, web server, and API gateway. With more than 450 million web sites relying on NGINX, NGINX Plus R21 is more reliable and more secure than ever before, primarily focusing on bug fixes and stability improvements from NGINX Open Source. New features of NGINX Plus R21 include: Dynamic gRPC proxying – We’ve added variable support when passing gRPC connections to backend gRPC services. This enables you to dynamically route gRPC connections to groups of services based on client attributes. NGINX JavaScript module enhancements – The NGINX JavaScript module (njs) has been updated to version 0.3.9, with several bug fixes and additional functional enhancements related to subrequests and filesystem support. Important Changes in Behavior [ more… ]

No Image

USN-4322-1: GnuTLS vulnerability

2020-04-07 KENNETH 0

USN-4322-1: GnuTLS vulnerability gnutls28 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Summary GnuTLS could expose sensitive information over the network. Software Description gnutls28 – GNU TLS library Details It was discovered that GnuTLS incorrectly handled randomness when performing DTLS negotiation. A remote attacker could possibly use this issue to obtain sensitive information, contrary to expectations. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 libgnutls30 – 3.6.9-5ubuntu1.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2020-11501 Source: USN-4322-1: GnuTLS vulnerability

No Image

USN-4321-1: HAProxy vulnerability

2020-04-07 KENNETH 0

USN-4321-1: HAProxy vulnerability haproxy vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Summary HAProxy could be made to execute arbitrary code if it received a specially crafted HTTP/2 request. Software Description haproxy – fast and reliable load balancing reverse proxy Details Felix Wilhelm discovered that HAProxy incorrectly handled certain HTTP/2 requests. An attacker could possibly use this to execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 haproxy – 2.0.5-1ubuntu0.4 Ubuntu 18.04 LTS haproxy – 1.8.8-1ubuntu0.10 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2020-11100 Source: USN-4321-1: HAProxy vulnerability