USN-5286-1: cryptsetup vulnerability Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user. On Ubuntu 20.04 LTS, this issue was fixed by disabling the online reencryption feature. Source: USN-5286-1: cryptsetup vulnerability
Announcing NGINX Plus R26 p.indent { margin-left: 20px; } We’re happy to announce the availability of NGINX Plus Release 26 (R26). Based on NGINX Open Source, NGINX Plus is the only all-in-one software web server, load balancer, reverse proxy, content cache, and API gateway. New and enhanced features in NGINX Plus R26 include: Faster JWT validation with JSON Web Key Set caching – Continuing the series of enhancements to JSON Web Tokens (JWT) support added over the last few releases, we introduce in‑memory caching of JSON Web Key Sets (JWKS), which substantially reduces overhead for JWT validation. Hardened TLS handshakes – NGINX Plus rejects the TLS handshake if the client proposes a communication protocol via ALPN that doesn’t match the NGINX configuration context for the session being established (for example proposes IMAP to a virtual server in the http{} context). Enhancements to the NGINX [ more… ]
[도서] 컴퓨터 하드웨어 이해 및 설계 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]컴퓨터 하드웨어 이해 및 설계 성동수 저 | 그린 (윤덕우) | 2022년 02월 판매가 35,000원 (0%할인) | YES포인트 0원(0%지급) Source: [도서] 컴퓨터 하드웨어 이해 및 설계
[도서] CAD BASIC 드로잉 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]CAD BASIC 드로잉 이정원 저 | 명인북스 | 2022년 03월 판매가 21,600원 (10%할인) | YES포인트 1,200원(5%지급) 본 교재는 CAD를 처음 공부하는 분들과 저와 함께 공부하는 학생들을 위해 정리하였다. 벌써 CAD 소프트웨어를 사용한 20년 이상의 세월이 지나며, 여러 버전들을 거쳐왔다. 그와 함께 기업에서 일하며, 또는 시험을 Source: [도서] CAD BASIC 드로잉
USN-5284-1: Firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0511, CVE-2022-22755, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22764) It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions. (CVE-2022-22754) It was discovered that dragging and dropping an image into a folder could result in it being marked as executable. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially exploit this to execute arbitrary code. (CVE-2022-22756) It was discovered that Remote Agent, [ more… ]
Copyright © 2025 | WordPress Theme by MH Themes
