KENNETH – 페이지 3738 – 지락문화예술공작단

USN-2917-1: Firefox vulnerabilities

2016-03-10 KENNETH 0

USN-2917-1: Firefox vulnerabilities Ubuntu Security Notice USN-2917-1 9th March, 2016 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to crash or run programs as your login if it opened a malicious website. Software description firefox – Mozilla Open Source web browser Details Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS.If a user were tricked in to opening a specially crafted website, anattacker could potentially exploit this to cause a denial of service viaapplication crash, or execute arbitrary code with the privileges of theuser invoking Firefox. (CVE-2016-1950) Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, DanielHolbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto,Tyson Smith, Andrea Marchesini, and Jukka Jylänki discovered multiplememory safety issues in Firefox. If a user were [ more… ]

RHSA-2016:0379-1: Important: rhev-hypervisor security, bug fix and enhancement update

2016-03-10 KENNETH 0

RHSA-2016:0379-1: Important: rhev-hypervisor security, bug fix and enhancement update Red Hat Enterprise Linux: An updated rhev-hypervisor package that fixes several security issues, bugs, and enhancements is now available. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. CVE-2015-3197, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0800 Source: RHSA-2016:0379-1: Important: rhev-hypervisor security, bug fix and enhancement update

RHBA-2016:0374-1: redhat-certification-commons bug fix

2016-03-09 KENNETH 0

RHBA-2016:0374-1: redhat-certification-commons bug fix Red Hat Enterprise Linux: An updated redhat-certification-commons package that fixes a bug is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Source: RHBA-2016:0374-1: redhat-certification-commons bug fix

March 2016 Security Update Release

2016-03-09 KENNETH 0

March 2016 Security Update Release Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates can be found in the Security TechNet Library. MSRC Team Source: March 2016 Security Update Release

Adobe Acrobat 신규 취약점 보안 업데이트 권고

2016-03-09 KENNETH 0

출처 : http://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=24108 □ 개요 o Adobe社는 Acrobat DC/Reader DC 및 XI에서 발생하는 취약점을 해결한 보안 업데이트를 발표[1] o 낮은 버전 사용자는 악성 코드 감염에 취약할 수 있어 해결방안에 따라 최신 버전으로 업데이트 권고 □ 설명 o Adobe Acrobat의 3개 취약점에 대한 보안 업데이트를 발표[1] · 임의코드 실행으로 이어질 수 있는 메모리 손상 취약점(CVE-2016-1007, CVE-2016-1009) · 디렉토리 검색 경로에서 일어나는 임의 코드 실행이 되던 취약점 (CVE-2016-1008) □ 영향 받는 소프트웨어 o Adobe Acrobat DC/Reader DC, Acrobat XI, Reader XI 소프트웨어명 동작환경 영향받는 버전 Acrobat DC 윈도우즈, 맥 15.010.20059 및 이전버전 15.006.30119 및 이전버전 Acrobat Reader DC 윈도우즈, 맥 15.010.20059 및 이전버전 15.006.30119 및 이전버전 Acrobat XI 윈도우즈, 맥 11.0.14 및 이전버전 Reader XI 윈도우즈, 맥 11.0.14 및 이전버전 □ 해결 방안 o Adobe Acrobat DC 사용자 – 윈도우즈, 맥 환경의 Adobe Acrobat DC 사용자는 15.010.20060버전 또는 15.006.30121버전 으로 업데이트 적용 [ more… ]