SECURITY – 페이지 862 – 지락문화예술공작단

RHSA-2017:3401-1: Critical: chromium-browser security update

2017-12-08 KENNETH 0

RHSA-2017:3401-1: Critical: chromium-browser security update Red Hat Enterprise Linux: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15422, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427 Source: RHSA-2017:3401-1: Critical: chromium-browser security update

RHSA-2017:3399-1: Important: Red Hat JBoss Enterprise Application Platform 5.2 security update

2017-12-08 KENNETH 0

RHSA-2017:3399-1: Important: Red Hat JBoss Enterprise Application Platform 5.2 security update Red Hat Enterprise Linux: An update is now available for Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 5 and Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-5645 Source: RHSA-2017:3399-1: Important: Red Hat JBoss Enterprise Application Platform 5.2 security update

USN-3506-1: rsync vulnerabilities

2017-12-07 KENNETH 0

USN-3506-1: rsync vulnerabilities Ubuntu Security Notice USN-3506-1 7th December, 2017 rsync vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in rsync. Software description rsync – fast, versatile, remote (and local) file-copying tool Details It was discovered that rsync proceeds with certain file metadata updatesbefore checking for a filename. An attacker could use this to bypass accessrestrictions. (CVE-2017-17433) It was discovered that rsync does not check for fnamecmp filenames and alsodoes not apply the sanitize_paths protection mechanism to pathnames. An attackercould use this to bypass access restrictions. (CVE-2017-17434) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: rsync 3.1.2-2ubuntu0.1 Ubuntu 17.04: rsync 3.1.2-1ubuntu0.1 Ubuntu 16.04 LTS: rsync 3.1.1-3ubuntu1.1 Ubuntu 14.04 LTS: rsync [ more… ]

USN-3506-2: rsync vulnerabilities

2017-12-07 KENNETH 0

USN-3506-2: rsync vulnerabilities Ubuntu Security Notice USN-3506-2 7th December, 2017 rsync vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in rsync. Software description rsync – fast, versatile, remote (and local) file-copying tool Details USN-3506-1 fixed two vulnerabilities in rsync. This update providesthe corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that rsync proceeds with certain file metadata updates before checking for a filename. An attacker could use this to bypass access restrictions. (CVE-2017-17433) It was discovered that rsync does not check for fnamecmp filenames and also does not apply the sanitize_paths protection mechanism to pathnames. An attacker could use this to bypass access restrictions. (CVE-2017-17434) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 [ more… ]

RHBA-2017:3397-1: libvirt bug fix update

2017-12-07 KENNETH 0

RHBA-2017:3397-1: libvirt bug fix update Red Hat Enterprise Linux: Updated libvirt packages that fix one bug are now available for Red Hat Enterprise Linux 7. Source: RHBA-2017:3397-1: libvirt bug fix update