USN-3336-1: NSS vulnerability

2017-06-22 KENNETH 0

Ubuntu Security Notice USN-3336-1

21st June, 2017

nss vulnerability

A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04, Ubuntu 16.10, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.

Summary

NSS could be made to crash if it received specially crafted network traffic.

Software description

nss – Network Security Service library

Details

It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.04: libnss3 2:3.28.4-0ubuntu0.17.04.2

Ubuntu 16.10: libnss3 2:3.28.4-0ubuntu0.16.10.2

Ubuntu 16.04 LTS: libnss3 2:3.28.4-0ubuntu0.16.04.2

Ubuntu 14.04 LTS: libnss3 2:3.28.4-0ubuntu0.14.04.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart any applications that use NSS, [ more… ]

Extending the Microsoft Edge Bounty Program

2017-06-22 KENNETH 0

Over the past ten months we have paid out over $200,000 USD in bounties. This collaboration with the research community has resulted in significant improvements in Edge security and has allowed us to offer more proactive security for our customers.

Keeping in line with our philosophy of protecting customers and proactively partnering with researchers, today we are changing the Edge on Windows Insider Preview (WIP) bounty program from a time bound to a sustained bounty program.

Since 2013, we have launched three browser bounties to uncover specific vulnerabilities. As security is a continuous effort and not a destination, we prioritize identifying different types of vulnerabilities in different points of time. On August 4, 2016, we launched the Edge Web Platform bounty on WIP to incentivize researchers to send us remote code execution (RCE), same [ more… ]