RHSA-2016:1421-1: Important: httpd security update

2016-07-19 KENNETH 0

Red Hat Enterprise Linux: An update for httpd is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVEs: CVE-2016-5387

Source: RHSA-2016:1421-1: Important: httpd security update

RHSA-2016:1420-1: Important: httpd24-httpd security update

2016-07-19 KENNETH 0

Red Hat Enterprise Linux: An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVEs: CVE-2016-4979, CVE-2016-5387

Source: RHSA-2016:1420-1: Important: httpd24-httpd security update

Mitigating the HTTPoxy Vulnerability with NGINX

2016-07-19 KENNETH 0

On July 18th, a vulnerability named ‘HTTPoxy’ was announced, affecting some server-side web applications that run in CGI or CGI-like environments, such as some FastCGI configurations. Languages known to be affected so far include PHP, Python, and Go. The vulnerability was mentioned on the NGINX mailing list in July 2013 by Jonathan Matthews. This month, it was found in the wild. A number of CVEs have been assigned, covering specific languages and CGI implementations:

CVE-2016-5385: PHP
CVE-2016-5386: Go
CVE-2016-5387: Apache HTTP Server
CVE-2016-5388: Apache Tomcat
CVE-2016-1000109: HHVM
CVE-2016-1000110: Python

There is a new website describing the vulnerability, a CERT vulnerability note, and a description of the discovery of the vulnerability. There is additional information on the personal website of Dominic Scheirlinck, an open source web developer at Vend. This post describes the vulnerability and [ more… ]

RHSA-2016:1430-1: Moderate: java-1.7.0-ibm and java-1.7.1-ibm security update

2016-07-18 KENNETH 0

RHN Satellite and Proxy: An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVEs: CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449

Source: RHSA-2016:1430-1: Moderate: java-1.7.0-ibm and java-1.7.1-ibm security update

RHSA-2016:1292-2: Important: libxml2 security update

2016-07-18 KENNETH 0

Red Hat Enterprise Linux: An update for libxml2 is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

[Updated 18 July 2016] This advisory has been updated to push packages into the Red Hat Enterprise Linux 6 Desktop channels. The packages included in this revised update have not been changed in any way from the packages included in the original advisory.

CVEs: CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449

Source: RHSA-2016:1292-2: Important: libxml2 security update