SECURITY

No Image

RHSA-2016:1141-1: Moderate: ntp security update

2016-05-31 KENNETH 0

RHSA-2016:1141-1: Moderate: ntp security update Red Hat Enterprise Linux: An update for ntp is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2015-7979, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2518 Source: RHSA-2016:1141-1: Moderate: ntp security update

No Image

RHBA-2016:1136-1: Red Hat Certification bug fix and enhancement update

2016-05-30 KENNETH 0

RHBA-2016:1136-1: Red Hat Certification bug fix and enhancement update Red Hat Enterprise Linux: An updated redhat-certification package that fixes several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Source: RHBA-2016:1136-1: Red Hat Certification bug fix and enhancement update

No Image

USN-2985-2: GNU C Library regression

2016-05-27 KENNETH 0

USN-2985-2: GNU C Library regression Ubuntu Security Notice USN-2985-2 26th May, 2016 eglibc, glibc regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2985-1 introduced a regression in the GNU C Library. Software description eglibc – GNU C Library glibc – GNU C Library Details USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix forCVE-2014-9761 introduced a regression which affected applications thatuse the libm library but were not fully restarted after the upgrade.This update removes the fix for CVE-2014-9761 and a future updatewill be provided to address this issue. We apologize for the inconvenience. Original advisory details: Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose [ more… ]

No Image

RHSA-2016:1132-1: Important: rh-mariadb100-mariadb security update

2016-05-26 KENNETH 0

RHSA-2016:1132-1: Important: rh-mariadb100-mariadb security update Red Hat Enterprise Linux: An update for rh-mariadb100-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2015-3210, CVE-2015-3217, CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0616, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0655, CVE-2016-0666, CVE-2016-0668, CVE-2016-1283, CVE-2016-2047, CVE-2016-3191 Source: RHSA-2016:1132-1: Important: rh-mariadb100-mariadb security update

No Image

VMware 보안 업데이트 권고

2016-05-26 KENNETH 0

출처 : http://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=24310   □ 개요 o VMware社는 원격코드실행 취약점 등을 해결한 보안 업데이트를 발표[1][2] o 영향 받는 버전의 사용자는 최신 버전으로 업데이트 권고 □ 설명 o 공격자가 인증 없이 원격으로 역직렬화 결함을 유발하여 원격 코드 실행이 가능한 취약점(CVE-2016-3427) o Windows에서 실행되는 VMware Workstation 및 Player에서 호스트 OS의 권한을 취득할 수 있는 취약점(CVE-2016-2077) o 플래시 파라미터 삽입을 통한 Reflected XSS 취약점(CVE-2016-2078) □ 영향 받는 소프트웨어 o 원격 코드 실행 취약점 항목 OS 환경 영향 받는 버전 최신 버전 vCenter Server Windows 6.0 6.0.0b + KB2145343 5.5 (5.5 U3b + KB2144428) 또는 5.5 U3d 5.1 (5.1 U3b + KB2144428) 또는 5.1 U3d 5.0 5.0 U3e + KB2144428 Linux 6.0 6.0.0b 5.5 5.5 U3 5.1 5.1 U3d 5.0 5.0 U3e vCloud Director Linux 8.0.x 8.0.1.1 5.6.x 5.6.5.1 5.5.x 5.5.6.1 vSphere Replication Linux 6.1.x 패치 미정 6.0.x 6.0.0.3 5.8.x 5.8.1.2 5.6.x 5.6.0.6 o 권한 [ more… ]