USN-4719-1: ca-certificates update The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle. Source: USN-4719-1: ca-certificates update
USN-4718-1: fastd vulnerability It was discovered that fastd incorrectly handled certain packets. An attacker could possibly use this issue to cause a denial of service. Source: USN-4718-1: fastd vulnerability
USN-4467-2: QEMU vulnerabilities USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13253) Ren Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver incorrectly handled certain invalid frame counts. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13361) Ren Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13362) Alexander [ more… ]
Easy and Robust Single Sign-On with OpenID Connect and NGINX Ingress Controller With the release of NGINX Ingress Controller 1.10.0, we are happy to announce a major enhancement: a technology preview of OpenID Connect (OIDC) authentication. OIDC is the identity layer built on top of the OAuth 2.0 framework which provides an authentication and single sign‑on (SSO) solution for modern apps. Our OIDC policy is a full‑fledged SSO solution enabling users to securely authenticate with multiple applications and Kubernetes services. Significantly, it enables apps to use an external identity provider (IdP) to authenticate users and frees the apps from having to handle usernames or passwords. This new capability complements other NGINX Ingress Controller authorization and authentication features, such as JSON Web Token (JWT) authentication, to provide a robust SSO option that is easy to configure with NGINX Ingress resources. This means you [ more… ]
FE개발자의 성장 스토리 06 : 2021년 Chrome의 새로운 변화 – Schemeful same-site을 대응하자 안녕하세요. FE플랫폼팀 피터입니다 🙂 제가 소속된 FE플랫폼팀에서는 Chrome 업데이트 사항 중 사용자에게 영향을 미치는 기능을 리서치 후 사내 크루들에게 공유하고는 합니다. 이번에는 2021년 1월부터 업데이트되는 Chrome M88에 적용될 Schemeful same-site를 사내 크루들에게 공유하였는데요, Schemeful same-site는 같은 도메인의 HTTP 사이트와 HTTPS 사이트를 cross-site로 취급하도록 정책을 변경한 내용입니다. 관련해서 공식 문서를 통해 리서치한 내용을 공유 드리고자 합니다. […] Source: FE개발자의 성장 스토리 06 : 2021년 Chrome의 새로운 변화 – Schemeful same-site을 대응하자
Copyright © 2025 | WordPress Theme by MH Themes
