No Image

USN-3443-2: Linux kernel (HWE) vulnerabilities

2017-10-11 KENNETH 0

USN-3443-2: Linux kernel (HWE) vulnerabilities Ubuntu Security Notice USN-3443-2 10th October, 2017 linux-hwe vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux-hwe – Linux hardware enablement (HWE) kernel Details USN-3443-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.This update provides the corresponding updates for the Linux HardwareEnablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that on the PowerPC architecture, the kernel did notproperly sanitize the signal stack when handling sigreturn(). A localattacker could use this to cause a denial of service (system crash) orpossibly execute arbitrary code. (CVE-2017-1000255) Andrey Konovalov discovered that a divide-by-zero error existed in the TCPstack implementation in the Linux kernel. A local attacker could use thisto cause a denial of service [ more… ]

No Image

USN-3424-2: libxml2 vulnerabilities

2017-10-11 KENNETH 0

USN-3424-2: libxml2 vulnerabilities Ubuntu Security Notice USN-3424-2 10th October, 2017 libxml2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in libxml2. Software description libxml2 – GNOME XML library Details USN-3424-1 fixed several vulnerabilities in libxml2. This updateprovides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. (CVE-2017-0663) It was discovered that libxml2 did not properly validate parsed entity references. An attacker could use this to specially construct XML data that could expose sensitive information. (CVE-2017-7375) It was discovered that a buffer overflow existed in libxml2 when handling HTTP redirects. An attacker could use [ more… ]

No Image

RHEA-2017:2873-1: gcc-libraries bug fix and enhancement update

2017-10-11 KENNETH 0

RHEA-2017:2873-1: gcc-libraries bug fix and enhancement update Red Hat Enterprise Linux: Updated gcc-libraries packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Source: RHEA-2017:2873-1: gcc-libraries bug fix and enhancement update

No Image

RHBA-2017:2874-1: gcc-libraries bug fix and enhancement update

2017-10-11 KENNETH 0

RHBA-2017:2874-1: gcc-libraries bug fix and enhancement update Red Hat Enterprise Linux: Updated gcc-libraries packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Source: RHBA-2017:2874-1: gcc-libraries bug fix and enhancement update

Amazon EC2 Container Registry(ECR), 서울 리전 출시

2017-10-11 KENNETH 0

Amazon EC2 Container Registry(ECR), 서울 리전 출시 지난 주 Amazon ECS 서비스 서울 리전 출시 이후, 오늘 Amazon EC2 Container Registry(ECR) 서비스도 서울 리전에 출시 합니다. Amazon ECR 서비스는 콘테이너 기반 서비스 개발자가 Docker 콘테이너 이미지를 손쉽게 저장, 관리 및 배포할 수 있게 해주는 완전관리형 Docker 콘테이너 레지스트리입니다. Amazon ECR은 Amazon EC2 Container Service(ECS)와 통합되어 개발에서 프로덕션까지의 워크플로를 간소화할 수 있을 뿐 아니라 자체 컨테이너 레지스트리를 운영하거나 기본 인프라 확장에 대해 걱정할 필요가 없습니다. 또한, 콘테이너 이미지를 가용성과 확장성이 뛰어난 인프라에 호스팅하여 애플리케이션을 위해 콘테이너를 안정적으로 배포할 수 있습니다. 또한, AWS Identity and Access Management(IAM)와 통합되어 각 리포지토리에 대한 리소스 수준의 제어를 제공합니다. Amazon ECS/ECR  출시에 맞추어 아래와 같이 온라인 세미나를 준비하였습니다. 관심 있는 분들의 많은 참여를 바랍니다. 기술 기초 | Amazon ECS/ECR 활용하여 마이크로서비스 구성하기 연사: 김기완 AWS 솔루션즈 아키텍트 일시: 2017년 11월 1일 (수) 오전 10:00 – 오전 [ more… ]