SECURITY – 페이지 1219 – 지락문화예술공작단

RHSA-2016:2658-1: Important: java-1.7.0-openjdk security update

2016-11-07 KENNETH 0

RHSA-2016:2658-1: Important: java-1.7.0-openjdk security update Red Hat Enterprise Linux: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-5542, CVE-2016-5554, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597 Source: RHSA-2016:2658-1: Important: java-1.7.0-openjdk security update

RHBA-2016:2660-1: tzdata bug fix and enhancement update

2016-11-07 KENNETH 0

RHBA-2016:2660-1: tzdata bug fix and enhancement update Red Hat Enterprise Linux: Updated tzdata packages that add various enhancements are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Advanced Update Support, Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, Red Hat Enterprise Linux 6.7 Extended Update Support, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7.1 Extended Update Support, Red Hat Enterprise Linux 7.1 Little Endian Extended Update Support, Red Hat Enterprise Linux 7.2 Extended Update Support, [ more… ]

RHSA-2016:2659-1: Critical: java-1.6.0-ibm security update

2016-11-07 KENNETH 0

RHSA-2016:2659-1: Critical: java-1.6.0-ibm security update Red Hat Enterprise Linux: An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597 Source: RHSA-2016:2659-1: Critical: java-1.6.0-ibm security update

USN-3123-1: curl vulnerabilities

2016-11-04 KENNETH 0

USN-3123-1: curl vulnerabilities Ubuntu Security Notice USN-3123-1 3rd November, 2016 curl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in curl. Software description curl – HTTP, HTTPS, and FTP client and client libraries Details It was discovered that curl incorrectly reused client certificates whenbuilt with NSS. A remote attacker could possibly use this issue to hijackthe authentication of a TLS connection. (CVE-2016-7141) Nguyen Vu Hoang discovered that curl incorrectly handled escaping certainstrings. A remote attacker could possibly use this issue to cause curl tocrash, resulting in a denial of service, or possibly execute arbitrarycode. (CVE-2016-7167) It was discovered that curl incorrectly handled storing cookies. A remoteattacker could possibly use this issue to inject cookies for arbitrarydomains in the cookie [ more… ]

USN-3122-1: NVIDIA graphics drivers vulnerabilities

2016-11-04 KENNETH 0

USN-3122-1: NVIDIA graphics drivers vulnerabilities Ubuntu Security Notice USN-3122-1 3rd November, 2016 nvidia-graphics-drivers-304, nvidia-graphics-drivers-340, nvidia-graphics-drivers-367 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary NVIDIA graphics drivers could be made to run programs as an administrator. Software description nvidia-graphics-drivers-304 – NVIDIA binary X.Org driver nvidia-graphics-drivers-340 – NVIDIA binary X.Org driver nvidia-graphics-drivers-367 – NVIDIA binary X.Org driver Details It was discovered that the NVIDIA graphics drivers incorrectly sanitizeduser mode inputs. A local attacker could use this issue to possibly gainroot privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: nvidia-331 340.98-0ubuntu0.16.04.1 nvidia-current 304.132-0ubuntu0.16.04.2 nvidia-340-updates 340.98-0ubuntu0.16.04.1 nvidia-340 340.98-0ubuntu0.16.04.1 nvidia-331-updates 340.98-0ubuntu0.16.04.1 nvidia-361 367.57-0ubuntu0.16.04.1 nvidia-367 367.57-0ubuntu0.16.04.1 nvidia-304-updates 304.132-0ubuntu0.16.04.2 nvidia-304 304.132-0ubuntu0.16.04.2 Ubuntu 14.04 LTS: nvidia-331 340.98-0ubuntu0.14.04.1 nvidia-current 304.132-0ubuntu0.14.04.2 nvidia-352 367.57-0ubuntu0.14.04.1 nvidia-340-updates [ more… ]