
Open-Source Verification Tool: Introducing OLIVE CLI

2022-06-09 KENNETH 0

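Hello, this is Ricky from the Open Source Technology Part. In the Open Source Technology Part, I am responsible for developing the OLIVE Platform and for open-source verification of projects. Here I would like to talk about the OLIVE Command Line Interface (CLI), newly added to the OLIVE Platform, a real-time automated open-source management service. We will look at the background to developing OLIVE CLI and at its core commands, and share cases where it was applied during a closed beta test (CBT) at three financial-sector companies. Finally, regarding the OLIVE CLI roadmap […]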


USN-5396-2: Ghostscript vulnerability

2022-06-09 KENNETH 0

USN-5396-1 addressed a vulnerability in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM.

Original advisory details: It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.


USN-5474-1: Varnish Cache vulnerabilities

2022-06-09 KENNETH 0

It was discovered that Varnish Cache did not clear a pointer between the handling of one client request and the next request within the same connection. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2019-20637)

It was discovered that Varnish Cache could have an assertion failure when a TLS termination proxy uses PROXY version 2. A remote attacker could possibly use this issue to restart the daemon and cause a performance loss. (CVE-2020-11653)

It was discovered that Varnish Cache allowed request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-36740)

It was discovered that Varnish Cache allowed request smuggling for HTTP/1 connections. A remote attacker could possibly use this issue to obtain sensitive information. [ more… ]


USN-5472-1: FFmpeg vulnerabilities

2022-06-08 KENNETH 0

It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding (LPC) or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-20445, CVE-2020-20446, CVE-2020-20453)

It was discovered that FFmpeg incorrectly handled certain input. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-20450)

It was discovered that FFmpeg incorrectly handled file conversion to APNG format. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21041)

It was discovered that FFmpeg incorrectly handled remuxing RTP-hint tracks. A remote attacker could possibly [ more… ]


USN-5473-1: ca-certificates update

2022-06-08 KENNETH 0

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority bundle.