SECURITY – 페이지 1025 – 지락문화예술공작단

RHSA-2017:1440-1: Critical: firefox security update

2017-06-14 KENNETH 0

RHSA-2017:1440-1: Critical: firefox security update Red Hat Enterprise Linux: An update for firefox is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754, CVE-2017-7756, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764, CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778 Source: RHSA-2017:1440-1: Critical: firefox security update

RHSA-2017:1439-1: Critical: flash-plugin security update

2017-06-14 KENNETH 0

RHSA-2017:1439-1: Critical: flash-plugin security update Red Hat Enterprise Linux: An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-3075, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3081, CVE-2017-3082, CVE-2017-3083, CVE-2017-3084 Source: RHSA-2017:1439-1: Critical: flash-plugin security update

June 2017 security update release

2017-06-14 KENNETH 0

June 2017 security update release Microsoft releases additional updates for older platforms to protect against potential nation-state activity Today, as part of our regular Update Tuesday schedule, we have taken action to provide additional critical security updates to address vulnerabilities that are at heighted risk of exploitation due to past nation-state activity and disclosures. Some of the releases today are new, and some are for older platforms under custom support agreements, that we are making publicly available today. Customers with automatic updates enabled are protected and there is no additional action required. For customers managing updates, or those on older platforms, we encourage them to apply these updates as soon as possible. Our security teams actively monitor for emerging threats to help us prioritize and take appropriate action. We are committed to ensuring our customers are protected against these potential [ more… ]

USN-3318-1: GnuTLS vulnerabilities

2017-06-14 KENNETH 0

USN-3318-1: GnuTLS vulnerabilities Ubuntu Security Notice USN-3318-1 13th June, 2017 gnutls26, gnutls28 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in GnuTLS. Software description gnutls26 – GNU TLS library gnutls28 – GNU TLS library Details Hubert Kario discovered that GnuTLS incorrectly handled decoding a statusresponse TLS extension. A remote attacker could possibly use this issue tocause GnuTLS to crash, resulting in a denial of service. This issue onlyapplied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. (CVE-2017-7507) It was discovered that GnuTLS incorrectly handled decoding certain OpenPGPcertificates. A remote attacker could use this issue to cause GnuTLS tocrash, resulting in a denial of service, or possibly execute arbitrarycode. (CVE-2017-7869) Update instructions The problem can be corrected by updating your [ more… ]

4025685 – Guidance related to June 2017 security update release – Version: 1.0

2017-06-14 KENNETH 0

4025685 – Guidance related to June 2017 security update release – Version: 1.0 Revision Note: V1.0 (June 13, 2017): Advisory publishedSummary: Microsoft is announcing the availability of additional guidance for critical security updates, that are at heightened risk of exploitation due to past and threatened nation-state attacks and disclosures. Some of the releases are new, and some are for older platforms that we are making publicly available today. Source: 4025685 – Guidance related to June 2017 security update release – Version: 1.0