No Image

FE개발자의 성장 스토리 06 : 2021년 Chrome의 새로운 변화 – Schemeful same-site을 대응하자

2021-02-02 KENNETH 0

FE개발자의 성장 스토리 06 : 2021년 Chrome의 새로운 변화 – Schemeful same-site을 대응하자 안녕하세요. FE플랫폼팀 피터입니다 🙂 제가 소속된 FE플랫폼팀에서는 Chrome 업데이트 사항 중 사용자에게 영향을 미치는 기능을 리서치 후 사내 크루들에게 공유하고는 합니다. 이번에는 2021년 1월부터 업데이트되는 Chrome M88에 적용될 Schemeful same-site를 사내 크루들에게 공유하였는데요, Schemeful same-site는 같은 도메인의 HTTP 사이트와 HTTPS 사이트를 cross-site로 취급하도록 정책을 변경한 내용입니다. 관련해서 공식 문서를 통해 리서치한 내용을 공유 드리고자 합니다. […] Source: FE개발자의 성장 스토리 06 : 2021년 Chrome의 새로운 변화 – Schemeful same-site을 대응하자

No Image

USN-4717-1: Firefox vulnerabilities

2021-02-02 KENNETH 0

USN-4717-1: Firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code. Source: USN-4717-1: Firefox vulnerabilities

No Image

USN-4715-2: Django vulnerability

2021-02-02 KENNETH 0

USN-4715-2: Django vulnerability USN-4715-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location. Source: USN-4715-2: Django vulnerability

No Image

USN-4716-1: MySQL vulnerabilities

2021-02-01 KENNETH 0

USN-4716-1: MySQL vulnerabilities Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.23 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.33. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-23.html https://www.oracle.com/security-alerts/cpujan2021.html Source: USN-4716-1: MySQL vulnerabilities

No Image

USN-4715-1: Django vulnerability

2021-02-01 KENNETH 0

USN-4715-1: Django vulnerability Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location. Source: USN-4715-1: Django vulnerability