SECURITY

No Image

Apple 보안 업데이트 권고

2016-03-22 KENNETH 0

출처 : http://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=24111   □ 개요 o Apple社에서 자사 제품 취약점을 해결한 보안업데이트 공지 o 공격자가 취약점을 이용하여 피해를 발생시킬 수 있어 해당 Apple 제품을 사용하는 이용자들은 최신버전으로 업데이트 권고 □ 설명 o Windows 7 이상의 운영체제에서 윈도우 업데이트 창 콘텐츠 부분을 조작할 수 있는 네트워크 권한 상승 취약점 (CVE-2016-1731) □ 해당 시스템 o 영향 받는 소프트웨어 – (iCloud, QuickTime 등에 버전 관리 기능을 제공하는) Apple Software Update 2.2 이전 버전 □ 해결 방안 o Apple Software Update 2.2 버전으로 업데이트 – [설정] → [일반] → [소프트웨어업데이트] 선택 → [다운로드 및 설치] □ 기타 문의사항 o 한국인터넷진흥원 인터넷침해대응센터: 국번없이 118 [참고사이트] [1] https://support.apple.com/en-us/HT206091

No Image

USN-2938-1: Git vulnerabilities

2016-03-22 KENNETH 0

USN-2938-1: Git vulnerabilities Ubuntu Security Notice USN-2938-1 21st March, 2016 git vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Git could be made to crash or run programs as your login if it received changes from a specially crafted remote repository. Software description git – fast, scalable, distributed revision control system Details Laël Cellier discovered that Git incorrectly handled path strings incrafted Git repositories. A remote attacker could use this issue to causea denial of service or possibly execute arbitrary code with theprivileges of the user invoking Git. (CVE-2016-2315, CVE-2016-2324) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: git 1:2.5.0-1ubuntu0.2 Ubuntu 14.04 LTS: git 1:1.9.1-1ubuntu0.3 Ubuntu 12.04 LTS: git 1:1.7.9.5-1ubuntu0.3 To update your system, please follow these [ more… ]

No Image

RHSA-2016:0465-1: Moderate: openssh security update

2016-03-22 KENNETH 0

RHSA-2016:0465-1: Moderate: openssh security update Red Hat Enterprise Linux: Updated openssh packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2016-1908, CVE-2016-3115 Source: RHSA-2016:0465-1: Moderate: openssh security update

No Image

RHSA-2016:0466-1: Moderate: openssh security update

2016-03-22 KENNETH 0

RHSA-2016:0466-1: Moderate: openssh security update Red Hat Enterprise Linux: Updated openssh packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-5600, CVE-2016-3115 Source: RHSA-2016:0466-1: Moderate: openssh security update

No Image

USN-2937-1: WebKitGTK+ vulnerabilities

2016-03-22 KENNETH 0

USN-2937-1: WebKitGTK+ vulnerabilities Ubuntu Security Notice USN-2937-1 21st March, 2016 webkitgtk vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software description webkitgtk – Web content engine library for GTK+ Details A large number of security issues were discovered in the WebKitGTK+ Web andJavaScript engines. If a user were tricked into viewing a maliciouswebsite, a remote attacker could exploit a variety of issues related to webbrowser security, including cross-site scripting attacks, denial of serviceattacks, and arbitrary code execution. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: libjavascriptcoregtk-3.0-0 2.4.10-0ubuntu0.15.10.1 libjavascriptcoregtk-1.0-0 2.4.10-0ubuntu0.15.10.1 libwebkitgtk-1.0-0 2.4.10-0ubuntu0.15.10.1 libwebkitgtk-3.0-0 2.4.10-0ubuntu0.15.10.1 Ubuntu 14.04 LTS: libjavascriptcoregtk-3.0-0 2.4.10-0ubuntu0.14.04.1 libjavascriptcoregtk-1.0-0 2.4.10-0ubuntu0.14.04.1 libwebkitgtk-1.0-0 2.4.10-0ubuntu0.14.04.1 libwebkitgtk-3.0-0 2.4.10-0ubuntu0.14.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. [ more… ]