Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

RHSA-2016:2136-1: Critical: java-1.8.0-ibm security update

2016-11-02 KENNETH 0

RHSA-2016:2136-1: Critical: java-1.8.0-ibm security update Red Hat Enterprise Linux: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597 Source: RHSA-2016:2136-1: Critical: java-1.8.0-ibm security update

No Image

USN-3119-1: Bind vulnerability

2016-11-02 KENNETH 0

USN-3119-1: Bind vulnerability Ubuntu Security Notice USN-3119-1 1st November, 2016 bind9 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Bind could be made to crash if it received specially crafted network traffic. Software description bind9 – Internet Domain Name Server Details Tony Finch and Marco Davids discovered that Bind incorrectly handledcertain responses containing a DNAME answer. A remote attacker couldpossibly use this issue to cause Bind to crash, resulting in a denial ofservice. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: bind9 1:9.10.3.dfsg.P4-10.1ubuntu1.1 Ubuntu 16.04 LTS: bind9 1:9.10.3.dfsg.P4-8ubuntu1.2 Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.10 Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.19 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will [ more… ]

No Image

RHSA-2016:2135-1: Low: Red Hat Enterprise Linux 6.6 Extended Update Support Retirement Notice

2016-11-02 KENNETH 0

RHSA-2016:2135-1: Low: Red Hat Enterprise Linux 6.6 Extended Update Support Retirement Notice Red Hat Enterprise Linux: This is the final notification for the retirement of Red Hat Enterprise Linux 6.6 Extended Update Support (EUS). This notification applies only to those customers subscribed to the Extended Update Support (EUS) channel for Red Hat Enterprise Linux 6.6. Source: RHSA-2016:2135-1: Low: Red Hat Enterprise Linux 6.6 Extended Update Support Retirement Notice

Amazon CloudWatch 업데이트– 통계 보유 기간 확대 및 사용자 인터페이스 개선

2016-11-02 KENNETH 0

Amazon CloudWatch 업데이트– 통계 보유 기간 확대 및 사용자 인터페이스 개선 Amazon CloudWatch는 AWS 자원 및 구동하는 애플리케이션에 대한 모니터링 서비스입니다. 각종 통계치, 로그 파일을 수집해서 알림을 만들거나 AWS 자원의 변화에 대응할 수 있습니다. 오늘 두 가지 중요한 기능을 새롭게 출시합니다. 통계 보유 기간 확대 – CloudWatch 통계치는 15개월까지 보관 쉬운 통계 선택 기능 – CloudWatch 콘솔에서 관심 통계 선택 방식을 쉽게 변경 향상된 통계 그래프 기능 – 선택한 통계에 대한 다양한 그래프 생성 기능 하나씩 살펴 보도록 합시다! 통계 보유 기간 확대 2009년에 처음 Amazon CloudWatch를 출시(New Features for Amazon EC2: Elastic Load Balancing, Auto Scaling, and Amazon CloudWatch) 했을 때, 시스템 통계 데이터는 14일간만 저장되었습니다. 그 이후로 사용자 정의 통계 데이터 확대 후에도 같은 기간이 제공되었습니다. 많은 고객들이 계절별 요인, 월간 통계치 및 연간 분석 등을 위해 더 오랜 기간 로그 통계를 보유할 수 있도록 요청하였습니다. 이에 부응하기 [ more… ]

No Image

USN-3115-1: Django vulnerabilities

2016-11-02 KENNETH 0

USN-3115-1: Django vulnerabilities Ubuntu Security Notice USN-3115-1 1st November, 2016 python-django vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Django. Software description python-django – High-level Python web development framework Details Marti Raudsepp discovered that Django incorrectly used a hardcoded passwordwhen running tests on an Oracle database. A remote attacker could possiblyconnect to the database while the tests are running and prevent the testuser with the hardcoded password from being removed. (CVE-2016-9013) Aymeric Augustin discovered that Django incorrectly validated hosts whenbeing run with the debug setting enabled. A remote attacker could possiblyuse this issue to perform DNS rebinding attacks. (CVE-2016-9014) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: python3-django [ more… ]