[월:] 2023년 02월

No Image

USN-5896-1: Rack vulnerabilities

2023-02-28 KENNETH 0

USN-5896-1: Rack vulnerabilities It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-30122) It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application. (CVE-2022-30123) Source: USN-5896-1: Rack vulnerabilities

No Image

USN-5888-1: Python vulnerabilities

2023-02-28 KENNETH 0

USN-5888-1: Python vulnerabilities It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2015-20107) Hamza Avvan discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-28861) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-37454, CVE-2022-42919) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, [ more… ]

AWS Telco Network Builder – 통신 네트워크 배포 및 관리 서비스 출시

2023-02-28 KENNETH 0

AWS Telco Network Builder – 통신 네트워크 배포 및 관리 서비스 출시 100여 년의 시간 동안 통신 산업은 표준화되고 규제되었으며, 그 과정에서 메소드와 기술, 다양한 용어(흥미로운 두문자어로 가득 차 있음)가 개발되었습니다. 업계에서는 고객에게 최상의 음성 및 데이터 서비스를 제공한다는 명목으로 이 엄청난 유산을 존중하는 동시에 신기술을 활용해야 합니다. 오늘은 AWS Telco Network Builder (TNB)에 대한 이야기를 하려고 합니다. 이 새로운 서비스는 통신 서비스 공급자(CSP)가 AWS에서 공용 및 사설 통신 네트워크를 배포 및 관리할 수 있도록 설계되었습니다. 기존 표준, 관행 및 데이터 형식을 사용하므로 CSP가 AWS의 성능, 규모 및 유연성을 더 쉽게 활용할 수 있습니다. 오늘날 CSP는 종종 코드를 가상 머신에 배포합니다. 그러나 미래를 대비하면서 이들은 추가적인 유연성을 모색하고 있으며 컨테이너를 점점 더 많이 사용하고 있습니다. AWS TNB는 이러한 전환의 일환으로 패키징 및 배포를 위해 Kubernetes와 Amazon Elastic Kubernetes Service(EKS)를 사용합니다. 개념 및 용어 서비스에 대해 자세히 알아보기 전에 이 업계에서 [ more… ]

Lenovo’s latest Windows 11 PCs embrace hybrid work styles and sustainable materials

2023-02-28 KENNETH 0

Lenovo’s latest Windows 11 PCs embrace hybrid work styles and sustainable materials At Mobile World Congress 2023, Lenovo showed off an array of devices aimed at hybrid work that demonstrate an increased use of more sustainable materials and more enhancements to help users get more done on the go. Powered by the latest AMD Ryzen 7000 Series Mobile Processors with integrated AMD Radeon Graphics, the ThinkPad Z13 and Z16 second generation Windows 11 laptops can be configured with up to 64GB Dual Channel memory and up to 2GB PCIe SSD to breeze through the most demanding tasks. The ThinkPad Z13 Gen2 also comes with an optional new natural fiber reinforced material bonded to the 75% recycled aluminum top cover. This woven Flax material is made from 100% agricultural product collected by harvesting flax plant fibers. A large haptic touchpad sits [ more… ]

No Image

USN-5895-1: MPlayer vulnerabilities

2023-02-28 KENNETH 0

USN-5895-1: MPlayer vulnerabilities It was discovered that MPlayer could be made to divide by zero when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38850, CVE-2022-38860, CVE-2022-38865) It was discovered that MPlayer could be made to read out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38851) It was discovered that MPlayer could be made to write out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use [ more… ]