KENNETH – 페이지 260 – 지락문화예술공작단

AWS 주간 소식 모음 – 2023년 1월 셋째주

2023-01-26 KENNETH 0

AWS 주간 소식 모음 – 2023년 1월 셋째주 늘 그렇듯이 바쁜 한 주를 보냈으므로 바로 시작해 보겠습니다! 지난주 출시 다음은 지난주에 있던 몇 가지 눈에 띄는 출시 사항입니다. Amazon Connect – 이제 컨텍스트, 메타데이터, 트랜스크립트를 포함하여 이전 대화를 재개할 수 있는 기능을 통해 고객에게 오래 지속되는 일관된 채팅 경험을 제공할 수 있습니다. 자세히 알아보기. Amazon RDS for MariaDB — 이제 Amazon RDS for MariaDB를 실행하는 데이터베이스 인스턴스에 암호화된 연결(SSL/TLS)을 사용하도록 강제할 수 있습니다. 자세히 알아보기. Amazon CloudWatch — 이제 지표 스트림을 사용하여 단일 AWS 리전 내에서 거의 실시간으로 AWS 계정 간에 지표를 지속적으로 전송할 수 있습니다. 자세히 알아보기. AWS 서버리스 애플리케이션 모델 — 이제 SAM CLI에서 CloudFormation Linter를 실행하여 SAM 템플릿을 검증할 수 있습니다. 기본 규칙은 템플릿 크기, Fn:GetAttt 파라미터, Fn:If 구문 등을 확인하세요. 자세히 알아보기. EC2 오토 스케일링 — 이제 오토 스케일링 그룹의 용량을 최적화하기 위래 예측 조정 정책능 [ more… ]

USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities

2023-01-26 KENNETH 0

USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896) It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) It was discovered that an integer overflow vulnerability existed in the Bluetooth [ more… ]

USN-5828-1: Kerberos vulnerabilities

2023-01-26 KENNETH 0

USN-5828-1: Kerberos vulnerabilities It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-20217) Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2022-42898) Source: USN-5828-1: Kerberos vulnerabilities

Announcing Windows 11 Insider Preview Build 25284

2023-01-26 KENNETH 0

Announcing Windows 11 Insider Preview Build 25284 Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 25284 to the Dev Channel. TL;DR This build will not be available for Arm64 devices due to a known issue (listed below) that is resulting in devices getting stuck at the OS boot logo. We have a new widget for Insiders in the Dev Channel to try! This build includes a small set of fixes. What’s new New Widget With the release of Windows App SDK 1.2 developers are now able to create widgets for their apps. Users can access these experiences on their Windows 11 widgets board in current Dev Channel Insider Preview builds. Ready to try out a new widget? The Messenger app now has a preview version of its widget available. To give it a try, go to [ more… ]

USN-5827-1: Bind vulnerabilities

2023-01-26 KENNETH 0

USN-5827-1: Bind vulnerabilities Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. (CVE-2022-3094) Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3736) Maksym Odinintsev discovered that Bind incorrectly handled certain answers from stale cache. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3924) Source: USN-5827-1: Bind vulnerabilities