Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

USN-3552-1: Firefox vulnerability

2018-02-01 KENNETH 0

USN-3552-1: Firefox vulnerability Ubuntu Security Notice USN-3552-1 31st January, 2018 firefox vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Firefox could be made to run programs as your login if it opened a malicious website. Software description firefox – Mozilla Open Source web browser Details Johann Hofmann discovered that HTML fragments created forchrome-privileged documents were not properly sanitized. An attackercould exploit this to execute arbitrary code. (CVE-2018-5124) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: firefox 58.0.1+build1-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: firefox 58.0.1+build1-0ubuntu0.16.04.1 Ubuntu 14.04 LTS: firefox 58.0.1+build1-0ubuntu0.14.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart Firefox to makeall the necessary changes. References CVE-2018-5124 Source: USN-3552-1: Firefox vulnerability

No Image

RHSA-2018:0260-1: Moderate: systemd security update

2018-02-01 KENNETH 0

RHSA-2018:0260-1: Moderate: systemd security update Red Hat Enterprise Linux: An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-1049 Source: RHSA-2018:0260-1: Moderate: systemd security update

No Image

RHSA-2017:2788-2: Important: augeas security update

2018-02-01 KENNETH 0

RHSA-2017:2788-2: Important: augeas security update Red Hat Enterprise Linux: An update for augeas is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-7555 Source: RHSA-2017:2788-2: Important: augeas security update

No Image

RHBA-2017:2939-2: augeas bug fix update

2018-02-01 KENNETH 0

RHBA-2017:2939-2: augeas bug fix update Red Hat Enterprise Linux: Updated augeas packages that fix one bug are now available for Red Hat Enterprise Linux 7. Source: RHBA-2017:2939-2: augeas bug fix update

No Image

USN-3553-1: Ruby vulnerabilities

2018-02-01 KENNETH 0

USN-3553-1: Ruby vulnerabilities Ubuntu Security Notice USN-3553-1 31st January, 2018 ruby2.3 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Summary Several security issues were fixed in Ruby. Software description ruby2.3 – Interpreter of object-oriented scripting language Ruby Details It was discovered that Ruby failed to validate specification names.An attacker could possibly use a maliciously crafted gem to potentiallyoverwrite any file on the filesystem. (CVE-2017-0901) It was discovered that Ruby was vulnerable to a DNS hijacking vulnerability.An attacker could use this to possibly force the RubyGems client to downloadand install gems from a server that the attacker controls. (CVE-2017-0902) It was discovered that Ruby incorrectly handled certain YAML files. An attacker coulduse this to possibly execute arbitrary code. (CVE-2017-0903) Update instructions The problem can be corrected by updating your system to the [ more… ]