No Image

USN-3992-1: WebKitGTK+ vulnerabilities

2019-05-22 KENNETH 0

USN-3992-1: WebKitGTK+ vulnerabilities webkit2gtk vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software Description webkit2gtk – Web content engine library for GTK+ Details A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 libjavascriptcoregtk-4.0-18 – 2.24.2-0ubuntu0.19.04.1 libwebkit2gtk-4.0-37 – 2.24.2-0ubuntu0.19.04.1 Ubuntu 18.10 libjavascriptcoregtk-4.0-18 – 2.24.2-0ubuntu0.18.10.1 libwebkit2gtk-4.0-37 – 2.24.2-0ubuntu0.18.10.1 Ubuntu 18.04 LTS libjavascriptcoregtk-4.0-18 – 2.24.2-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 – 2.24.2-0ubuntu0.18.04.1 To update your system, please follow [ more… ]

No Image

USN-3566-2: PHP vulnerabilities

2019-05-22 KENNETH 0

USN-3566-2: PHP vulnerabilities php5 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Several security issues were fixed in PHP. Software Description php5 – HTML-embedded scripting language interpreter Details USN-3566-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. (CVE-2018-20783) It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or possibly cause a crash, resulting in a denial of service. (CVE-2019-11036) Original advisory details: It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use this issue to cause PHP to crash, resulting [ more… ]

[도서] 모두를 죽이려면 여기를 클릭하세요

2019-05-22 KENNETH 0

[도서] 모두를 죽이려면 여기를 클릭하세요 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]모두를 죽이려면 여기를 클릭하세요 브루스 슈나이어 저/김상현 역 | 에이콘출판사 | 2019년 05월 판매가 22,500원 (10%할인) | YES포인트 1,250원(5%지급) 인터넷은 우리 일상을 더없이 편리하게 해주는 필수품이 됐다. 하지만 그만큼 더 위험해졌다. 주변의 모든 사물이 인터넷에 연결되는 ‘사물인터넷’ 시대로 진화하면서 인터넷은 누군가의 클릭 한 번으로 수백, 수 Source: [도서] 모두를 죽이려면 여기를 클릭하세요

[도서] Immutable.js 마스터

2019-05-22 KENNETH 0

[도서] Immutable.js 마스터 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]Immutable.js 마스터 아담 보두치 저/조경빈 역 | 에이콘출판사 | 2019년 05월 판매가 18,000원 (10%할인) | YES포인트 1,000원(5%지급) 유일하게 Immutable.js를 제대로 다루고 있는 책으로 구성이 좋고 설명도 매우 친절하다. 많은 개발서가 독자의 눈높이를 맞추려고 시도하지만 실패하는 경우가 많은데 이 책은 기존 자바스크립트 개발자가 Immutabl Source: [도서] Immutable.js 마스터

No Image

USN-3991-1: Firefox vulnerabilities

2019-05-22 KENNETH 0

USN-3991-1: Firefox vulnerabilities firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Firefox could be made to crash or run programs as your login if it opened a malicious website. Software Description firefox – Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. (CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11695, CVE-2019-11696, CVE-2019-11699, CVE-2019-11701, CVE-2019-7317, CVE-2019-9800, CVE-2019-9814, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820, CVE-2019-9821) It was discovered that pressing certain key combinations could bypass addon installation prompt delays. If [ more… ]