No Image

USN-4922-1: Ruby vulnerability

2021-04-21 KENNETH 0

USN-4922-1: Ruby vulnerability Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack. Source: USN-4922-1: Ruby vulnerability

[도서] 한 권으로 끝내는 Node & Express

2021-04-21 KENNETH 0

[도서] 한 권으로 끝내는 Node & Express 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]한 권으로 끝내는 Node & Express 이선 브라운 저/한선용 역 | 한빛미디어 | 2021년 05월 판매가 25,200원 (10%할인) | YES포인트 1,400원(5%지급) 진화한 자바스크립트와 노드, 익스프레스 완벽 가이드 자바스크립트 개발 스택의 핵심인 노드와 익스프레스로 동적 웹 애플리케이션을 만들어보자. 웹사이트 개발 과정을 살펴보며 익스프레스 기본 사항을 설명 Source: [도서] 한 권으로 끝내는 Node & Express

No Image

USN-4921-1: libcaca vulnerability

2021-04-21 KENNETH 0

USN-4921-1: libcaca vulnerability It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. Source: USN-4921-1: libcaca vulnerability

No Image

USN-4918-2: ClamAV vulnerabilities

2021-04-20 KENNETH 0

USN-4918-2: ClamAV vulnerabilities USN-4918-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2021-1252) It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1404) It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1405) Source: USN-4918-2: ClamAV vulnerabilities

No Image

USN-4563-2: NTP vulnerability

2021-04-20 KENNETH 0

USN-4563-2: NTP vulnerability USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service (crash). Source: USN-4563-2: NTP vulnerability