No Image

USN-4193-1: Ghostscript vulnerability

2019-11-15 KENNETH 0

USN-4193-1: Ghostscript vulnerability ghostscript vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file. Software Description ghostscript – PostScript and PDF interpreter Details Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 ghostscript – 9.27~dfsg+0-0ubuntu3.1 libgs9 – 9.27~dfsg+0-0ubuntu3.1 Ubuntu 19.04 ghostscript – 9.26~dfsg+0-0ubuntu7.4 libgs9 – 9.26~dfsg+0-0ubuntu7.4 Ubuntu 18.04 LTS ghostscript – 9.26~dfsg+0-0ubuntu0.18.04.12 [ more… ]

[도서] 편집디자인 레이아웃

2019-11-15 KENNETH 0

[도서] 편집디자인 레이아웃 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]편집디자인 레이아웃 김경미 저 | 정보문화사 | 2019년 11월 판매가 16,200원 (10%할인) | YES포인트 900원(5%지급) 누가 무엇을 전달하기 위한 디자인인가? 이 책은 직접 레이아웃을 짜고, 구조를 설계하고, 웹사이트를 구축하는 데 필요한 노하우를 소개한다. 디자인을 통한 커뮤니케이션은 타이포그래피와 레이아웃을 통해 주 Source: [도서] 편집디자인 레이아웃

No Image

USN-4192-1: ImageMagick vulnerabilities

2019-11-14 KENNETH 0

USN-4192-1: ImageMagick vulnerabilities imagemagick vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in ImageMagick. Software Description imagemagick – Image manipulation programs and library Details It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 imagemagick – 8:6.9.10.23+dfsg-2.1ubuntu3.1 imagemagick-6.q16 – 8:6.9.10.23+dfsg-2.1ubuntu3.1 libmagick++-6.q16-8 – 8:6.9.10.23+dfsg-2.1ubuntu3.1 libmagickcore-6.q16-6 – 8:6.9.10.23+dfsg-2.1ubuntu3.1 libmagickcore-6.q16-6-extra – 8:6.9.10.23+dfsg-2.1ubuntu3.1 Ubuntu 19.04 imagemagick – 8:6.9.10.14+dfsg-7ubuntu2.3 imagemagick-6.q16 – 8:6.9.10.14+dfsg-7ubuntu2.3 libmagick++-6.q16-8 – 8:6.9.10.14+dfsg-7ubuntu2.3 libmagickcore-6.q16-6 [ more… ]

No Image

USN-4191-2: QEMU vulnerabilities

2019-11-14 KENNETH 0

USN-4191-2: QEMU vulnerabilities qemu vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Summary Several security issues were fixed in QEMU. Software Description qemu – Machine emulator and virtualizer Details USN-4191-2 fixed a vulnerability in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. (CVE-2019-12068) Sergej Schumilo, Cornelius Aschermann and Simon Wörner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a null pointer dereference. A local attacker in a guest could use this to cause a denial of service. (CVE-2019-12155) Riccardo Schirone discovered that the QEMU bridge helper did not properly validate network interface names. A [ more… ]

No Image

USN-4191-1: QEMU vulnerabilities

2019-11-14 KENNETH 0

USN-4191-1: QEMU vulnerabilities qemu vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in QEMU. Software Description qemu – Machine emulator and virtualizer Details It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. (CVE-2019-12068) Sergej Schumilo, Cornelius Aschermann and Simon Wörner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a null pointer dereference. A local attacker in a guest could use this to cause a denial of service. (CVE-2019-12155) Riccardo Schirone discovered that the QEMU bridge helper did not properly validate network interface names. A local attacker could possibly use this to bypass ACL restrictions. (CVE-2019-13164) It [ more… ]