No Image

USN-4552-2: Pam-python vulnerability

2020-10-22 KENNETH 0

USN-4552-2: Pam-python vulnerability Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root. Source: USN-4552-2: Pam-python vulnerability

Acer announces latest lineup of consumer laptops, introduces new TravelMate notebooks and Porsche Design Acer Book RS

2020-10-22 KENNETH 0

Acer announces latest lineup of consumer laptops, introduces new TravelMate notebooks and Porsche Design Acer Book RS Acer has introduced a suite of new consumer notebooks across its Swift, Spin and Aspire series, all powered by 11th Gen Intel Core processors with Intel Iris Xe graphics. The refreshed devices also come with features such as full HD IPS touch screens, ports that provide fast and convenient data transfer and the flexibility of different modes. Most also include Cortana and/or Windows Hello. Creative professionals such as photographers and YouTubers will probably appreciate the Acer Swift 3X, a 3-pound device that can handle the most task-intensive apps for up to 17.5 hours at a time and, if necessary, can also be fast charged to provide four hours of use in just 30 minutes.  It will be available in North America in December [ more… ]

Announcing Windows 10 Insider Preview Build 20241

2020-10-22 KENNETH 0

Announcing Windows 10 Insider Preview Build 20241 Hello Windows Insiders, today we’re releasing Windows 10 Insider Preview Build 20241 to Windows Insiders in the Dev Channel. What’s new in Build 20241 Introducing theme-aware splash screens for apps Building on theme-aware tiles in Start, we’re introducing theme-aware splash screens for Universal Windows Platform (UWP) apps. Now, when an eligible UWP app is launched, the splash screen color will match your default app mode. For example, if you have light theme turned on, you’ll see a light theme splash screen, and if you have dark theme turned on (for the “default app mode”) then you’ll see a dark theme splash screen. Settings app splash screen before and after in light theme: Settings app splash screen before and after in dark theme: The following apps support theme-aware splash screens today: Settings Store Windows [ more… ]

No Image

USN-4596-1: Tomcat vulnerabilities

2020-10-21 KENNETH 0

USN-4596-1: Tomcat vulnerabilities It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. (CVE-2020-11996) It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/2. An attacker could possibly use this to generate an OutOfMemoryException, resulting in a denial of service. (CVE-2020-13934) It was discovered that Tomcat did not properly validate the payload length in a WebSocket frame. An attacker could possibly use this to trigger an infinite loop, resulting in a denial of service. (CVE-2020-13935) It was discovered that Tomcat did not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484) Source: USN-4596-1: Tomcat vulnerabilities

AWS Lambda, AWS PrivateLink 기반 접속 지원 기능 출시 (서울 리전 포함)

2020-10-21 KENNETH 0

AWS Lambda, AWS PrivateLink 기반 접속 지원 기능 출시 (서울 리전 포함) AWS Lambda는 서버를 프로비저닝하거나 관리하지 않고도 코드를 실행할 수 있는 서버리스 컴퓨팅 서비스입니다. 코드를 업로드하기만 하면 코드를 실행하고 확장하여 고가용성을 달성하기 위한 모든 작업을 Lambda가 수행합니다. 현재 많은 AWS 고객이 이 서버리스 컴퓨팅 플랫폼을 사용하여 애플리케이션을 개발하고 운영할 때의 생산성을 개선합니다. 오늘부터 AWS Lambda에서 AWS PrivateLink가 지원됩니다. 이제 트래픽을 퍼블릭 인터넷에 노출하지 않고 사내 Virtual Private Cloud(VPC) 또는 온프레미스 데이터 센터 안에서 Lambda 함수를 안전하게 호출할 수 있습니다. 지금까지는 Lambda 함수를 호출할 때 VPC에 인터넷 게이트웨이, 네트워크 주소 변환(NAT) 게이트웨이 및/또는 퍼블릭 IP 주소가 필요했습니다. 이번 업데이트부터는 PrivateLink가 AWS 프라이빗 네트워크를 통해 호출을 라우팅하므로 인터넷 액세스가 필요하지 않습니다. 또한 AWS Direct Connect 또는 AWS VPN 연결을 통해 VPC에 연결하여 온프레미스 데이터 센터에서 직접 Lambda API를 호출할 수 있습니다. 내부 IT 거버넌스 요구 사항으로 인해 인터넷 액세스가 없는 VPC에서 [ more… ]