Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

USN-3435-2: Firefox regression

2017-10-05 KENNETH 0

USN-3435-2: Firefox regression Ubuntu Security Notice USN-3435-2 4th October, 2017 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary USN-3435-1 caused a regression in Firefox. Software description firefox – Mozilla Open Source web browser Details USN-3435-1 fixed vulnerabilities in Firefox. The update caused the Flashplugin to crash in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, obtain sensitive information, bypass phishing and malware protection, spoof the origin in modal dialogs, conduct cross-site scripting (XSS) attacks, cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-7793, CVE-2017-7810, CVE-2017-7811, CVE-2017-7812, [ more… ]

Node-ChakraCore update from Node.js Interactive 2017

2017-10-05 KENNETH 0

Node-ChakraCore update from Node.js Interactive 2017 Earlier this year, we shared an update on some key milestones achieved for Node-ChakraCore like cross-platform support, community participation for N-API, Node-ChakraCore on iOS and more. Today, as Node.js enthusiasts from all over the world gather in Vancouver, Canada for Node.js Interactive, we’d like to share an update on Node-ChakraCore – from its progress in handling production workloads and advancing N-API, to an update on running Node on iOS with ChakraCore. Node-ChakraCore in production deployments While Node-ChakraCore is still a pre-release project, and the team has been actively working on improving its reliability, performance and compatibility with popular Node.js modules. As with any new platform, running large production workloads is always a great challenge to test maturity and quality. Today we are happy to announce that Microsoft Edge Developer portal is handling 100% of [ more… ]

No Image

RHBA-2017:2859-1: Red Hat Certification bug fix and enhancement update

2017-10-04 KENNETH 0

RHBA-2017:2859-1: Red Hat Certification bug fix and enhancement update Red Hat Enterprise Linux: An updated redhat-certification package that fixes several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Source: RHBA-2017:2859-1: Red Hat Certification bug fix and enhancement update

No Image

RHSA-2017:2858-1: Moderate: samba security update

2017-10-04 KENNETH 0

RHSA-2017:2858-1: Moderate: samba security update Red Hat Enterprise Linux: An update for samba is now available for Red Hat Gluster Storage 3.3 for RHEL 6 and Red Hat Gluster Storage 3.3 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-12150, CVE-2017-12151, CVE-2017-12163 Source: RHSA-2017:2858-1: Moderate: samba security update

No Image

USN-3437-1: OCaml vulnerability

2017-10-04 KENNETH 0

USN-3437-1: OCaml vulnerability Ubuntu Security Notice USN-3437-1 3rd October, 2017 ocaml vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary OCaml applications could be made to crash, expose sensitive information, or run programs. Software description ocaml – ML language implementation with a class-based object system Details Radek Micek discovered that OCaml incorrectly handled sign extensions. Aremote attacker could use this issue to cause applications using OCaml tocrash, to possibly obtain sensitive information, or to possibly executearbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: ocaml 4.01.0-3ubuntu3.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2015-8869 Source: USN-3437-1: OCaml vulnerability