[월:] 2023년 08월

No Image

USN-6273-1: poppler vulnerabilities

2023-08-03 KENNETH 0

USN-6273-1: poppler vulnerabilities Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-27337) It was discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-34872) Source: USN-6273-1: poppler vulnerabilities

No Image

USN-5064-3: GNU cpio vulnerability

2023-08-03 KENNETH 0

USN-5064-3: GNU cpio vulnerability USN-5064-1 fixed a vulnerability in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-5064-3: GNU cpio vulnerability

AWS 이스라엘(텔아비브) 리전 공개

2023-08-03 KENNETH 0

AWS 이스라엘(텔아비브) 리전 공개 2021년 6월, Jeff Barr가 AWS 이스라엘(텔아비브) 리전을 지원 계획을 발표했었습니다. 오늘 세 개의 가용 영역과 il-central-1 API 이름을 포함하는 AWS 이스라엘(텔아비브)의 정식 출시를 발표합니다. 새로운 텔아비브 리전은 고객이 이스라엘에 위치한 데이터 센터에서 애플리케이션을 실행하고 최종 사용자에게 서비스를 제공할 수 있도록 추가 옵션을 제공합니다. 고객은 이스라엘에 데이터를 안전하게 저장하는 동시에 주변 지역의 사용자에게 훨씬 더 짧은 대기 시간 내에 서비스를 제공할 수 있습니다. AWS 이스라엘(텔아비브) 리전의 AWS 서비스 이제 새로운 리전에서 Amazon EC2 C5, C5d, C6g, C6gn, C6i, C6id, D3, G5, I3, I3en, I4i, M5, M5d, M6g, M6gd, M6i, M6id, P4de(미리보기), R5, R5d, R6g, R6i, R6id, T3, T3a, T4g 인스턴스와 다음 AWS 서비스를 사용할 수 있습니다: Amazon API Gateway, AWS AppConfig, AWS Application Auto Scaling, Amazon Aurora, Aurora PostgreSQL, AWS Budgets, AWS Certificate Manager, AWS CloudFormation, Amazon Cloudfront, AWS Cloud Map, AWS CloudTrail, Amazon CloudWatch, Amazon CloudWatch Events, Amazon CloudWatch Logs, [ more… ]

No Image

USN-6272-1: OpenJDK 20 vulnerabilities

2023-08-03 KENNETH 0

USN-6272-1: OpenJDK 20 vulnerabilities Motoyasu Saburi discovered that OpenJDK 20 incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-22006) Eirik Bjørsnøs discovered that OpenJDK 20 incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-22036) David Stancu discovered that OpenJDK 20 had a flaw in the AES cipher implementation. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22041) Zhiqiang Zang discovered that OpenJDK 20 incorrectly handled array accesses when using the binary ‘%’ operator. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22044) Zhiqiang Zang discovered that OpenJDK 20 incorrectly handled array accesses. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22045) It was discovered that OpenJDK 20 [ more… ]

No Image

USN-6271-1: MaraDNS vulnerabilities

2023-08-03 KENNETH 0

USN-6271-1: MaraDNS vulnerabilities Xiang Li discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-30256) Huascar Tejeda discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-31137) Source: USN-6271-1: MaraDNS vulnerabilities