[월:] 2020년 07월

No Image

USN-4431-1: FFmpeg vulnerabilities

2020-07-23 KENNETH 0

USN-4431-1: FFmpeg vulnerabilities It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see: https://usn.ubuntu.com/usn/usn-3967-1 (CVE-2018-15822, CVE-2019-11338) It was discovered that FFmpeg incorrectly handled sscanf failures. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-12730) It was discovered that FFmpeg incorrectly handled certain WEBM files. An attacker could possibly use this issue to obtain sensitive data or other unspecified impact. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-13312) It was discovered that FFmpeg incorrectly handled certain AVI files. An attacker could [ more… ]

[도서] ZOOM IN 블록체인

2020-07-22 KENNETH 0

[도서] ZOOM IN 블록체인 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]ZOOM IN 블록체인 블록킹팀 저 | 아이콕스(iCox) | 2020년 07월 판매가 13,500원 (10%할인) | YES포인트 750원(5%지급) 블록체인과 암호화폐의 실체가 궁금한 사람들의 필독서! ‘블록체인’하면 연상되는 이미지는 무엇일까? 일반 사람들 중에 명확한 이미지나 개념을 떠올리는 사람은 거의 없을 것이다. ‘블록체인’이 가지고 있 Source: [도서] ZOOM IN 블록체인

No Image

USN-4430-1: Pillow vulnerabilities

2020-07-22 KENNETH 0

USN-4430-1: Pillow vulnerabilities It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Source: USN-4430-1: Pillow vulnerabilities

No Image

USN-4428-1: Python vulnerabilities

2020-07-22 KENNETH 0

USN-4428-1: Python vulnerabilities It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-20907) It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9674) It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 [ more… ]

No Image

USN-4429-1: Evolution Data Server vulnerability

2020-07-22 KENNETH 0

USN-4429-1: Evolution Data Server vulnerability It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack. Source: USN-4429-1: Evolution Data Server vulnerability