
USN-6129-2: Avahi vulnerability

2023-07-25 KENNETH 0

USN-6129-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Avahi incorrectly handled certain DBus messages. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. Source: USN-6129-2: Avahi vulnerability


USN-6203-2: Django vulnerability

2023-07-25 KENNETH 0

USN-6203-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 ESM. Original advisory details: Seokchan Yoon discovered that Django incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Source: USN-6203-2: Django vulnerability


LSN-0096-1: Kernel Live Patch Security Notice

2023-07-25 KENNETH 0

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1380) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to [ more… ]


USN-6243-1: Graphite-Web vulnerabilities

2023-07-25 KENNETH 0

It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform server-side request forgery and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2017-18638) It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform cross-site scripting and obtain sensitive information. (CVE-2022-4728, CVE-2022-4729, CVE-2022-4730) Source: USN-6243-1: Graphite-Web vulnerabilities


Migrate Amazon EBS volumes from gp2 to gp3 and save up to 20% on costs

2023-07-25 KENNETH 0

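Update (4/27/2022): Download the EBS gp2-gp3 migration cost savings calculator to see how much you can save by migrating EBS gp2 volumes to gp3. General Purpose SSD (gp2) Amazon EBS volumes give AWS customers a cost-effective way to achieve SSD performance across a variety of applications such as virtual desktops, medium-sized databases, and development and test environments. Amazon EBS gp2 volumes are easy to use, but because their performance is directly proportional to the provisioned size, cost also increases linearly as the volume size grows. Certain applications such as MySQL, Cassandra and Hadoop clusters need high performance but not much storage capacity, yet users chose to provision larger gp2 volumes to get more performance. In some cases this over-provisioned storage or performance and was ultimately not cost-effective. In December 2020, AWS announced the general availability of gp3, a new Amazon EBS General Purpose SSD volume type. When AWS designed gp3, volume size [ more… ]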