Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

USN-3438-1: Git vulnerability

2017-10-05 KENNETH 0

USN-3438-1: Git vulnerability Ubuntu Security Notice USN-3438-1 5th October, 2017 git vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Git be made to run programs if it processed a specially crafted file. Software description git – fast, scalable, distributed revision control system Details It was discovered that Git incorrectly handled certain subcommands such ascvsserver. A remote attacker could possibly use this issue via shellmetacharacters in modules names to execute arbitrary code. This update also removes the cvsserver subcommand from git-shell bydefault. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: git 1:2.11.0-2ubuntu0.3 Ubuntu 16.04 LTS: git 1:2.7.4-0ubuntu1.3 Ubuntu 14.04 LTS: git 1:1.9.1-1ubuntu0.7 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will [ more… ]

No Image

RHSA-2017:2860-1: Moderate: postgresql security update

2017-10-05 KENNETH 0

RHSA-2017:2860-1: Moderate: postgresql security update Red Hat Enterprise Linux: An update for postgresql is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-7546 Source: RHSA-2017:2860-1: Moderate: postgresql security update

WordPress 4.9 Beta 1

2017-10-05 KENNETH 0

WordPress 4.9 Beta 1 WordPress 4.9 Beta 1 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.9, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip). WordPress 4.9 is slated for release on November 14, but we need your help to get there. We’ve been working on making it even easier to customize your site. Here are some of the bigger items to test and help us find as many bugs as possible in the coming weeks: Drafting (#39896) and scheduling (#28721) of changes in the Customizer. Once you save or schedule a changeset, when any user comes into the Customizer the [ more… ]

Amazon EC2 Container Service(ECS) 서울 리전 출시!

2017-10-05 KENNETH 0

Amazon EC2 Container Service(ECS) 서울 리전 출시! 드디어 오늘 Amazon EC2 Container Service (Amazon ECS)를 아시아-태평양(서울) 리전에 출시합니다. Amazon ECS는 Docker 콘테이너를 프로덕션 환경에 배포 및 확장하기위한 관리 서비스로서, Amazon ECS를 사용하면 클러스터 구성에 필요한 서버 용량을 추가하고, 콘테이너 이미지를 업로드 할 수 있습니다. Amazon ECS는  서버 클러스터 전체에 콘테이너를 배포하고 상태를 모니터링하며, 콘테이너 부하 분산 및 크기 조정을 처리하는 동시에 데이터베이스 및 기타 리소스에 대한 각 콘테이너 접근 제어를 안전하게 할 수 있도록합니다. Amazon ECS는 이미 다양한 한국 고객들이 콘테이너 기반 애플리케이션에서 사용하고 있습니다. 삼성SDS  신우용 상무는 “AWS 클라우드를 선택한 이유는 Amazon EC2 컨테이너 서비스(Container Service)를 이용한 첼로 구축 POC를 진행하여 2시간 이내로 아주 빠르게 첼로를 구축할 수 있었고, 네트워크 응답 속도도 빠르고 안정적이었다. AWS 클라우드 서비스를 이용하여 고객에게 첼로를 빠르고, 안정적으로 서비스 할 수 있게 됐다”라고 설명하였습니다. 또한, 삼성전자 송주영 선임은 Samsung Knox에 ECS 기반으로 구축 한 후, [ more… ]

No Image

Using Free SSL/TLS Certificates from Let’s Encrypt with NGINX

2017-10-05 KENNETH 0

Using Free SSL/TLS Certificates from Let’s Encrypt with NGINX Also see our blog post from nginx.conf 2015, in which Peter Eckersley and Yan Zhu of the Electronic Frontier Foundation introduce the then-new Let’s Encrypt certificate authority. It’s now a well-known fact that SSL encrypting of your website leads to higher search rankings and better security for your users. However, there are a number of barriers that have prevented website owners from adopting SSL. Two of the biggest barriers have been the cost and the manual processes involved in getting a certificate. But now, with Let’s Encrypt, this is no longer a concern. Let’s Encrypt makes SSL encryption freely available to everyone. Let’s Encrypt is a free, automated, and open certificate authority. Yes, that’s right: SSL/TLS certificates for free. Certificates issued by Let’s Encrypt are trusted by most browsers today, including [ more… ]