No Image

USN-4097-2: PHP vulnerabilities

2019-08-14 KENNETH 0

USN-4097-2: PHP vulnerabilities php5 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary PHP could be made to crash or execute arbitrary code if it received specially crafted image. Software Description php5 – HTML-embedded scripting language interpreter Details USN-4097-1 fixed several vulnerabilities in php5. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM libapache2-mod-php5 – 5.5.9+dfsg-1ubuntu4.29+esm5 php5-cgi – 5.5.9+dfsg-1ubuntu4.29+esm5 php5-cli – 5.5.9+dfsg-1ubuntu4.29+esm5 php5-fpm – 5.5.9+dfsg-1ubuntu4.29+esm5 php5-xmlrpc – 5.5.9+dfsg-1ubuntu4.29+esm5 Ubuntu 12.04 ESM libapache2-mod-php5 – 5.3.10-1ubuntu3.39 php5-cgi [ more… ]

No Image

Windows 10 SDK Preview Build 18956 available now!

2019-08-14 KENNETH 0

Windows 10 SDK Preview Build 18956 available now! Today, we released a new Windows 10 Preview Build of the SDK to be used in conjunction with Windows 10 Insider Preview (Build 18956 or greater). The Preview SDK Build 18956 contains bug fixes and under development changes to the API surface area. The Preview SDK can be downloaded from developer section on Windows Insider. For feedback and updates to the known issues, please see the developer forum. For new developer feature requests, head over to our Windows Platform UserVoice. Things to note: This build works in conjunction with previously released SDKs and Visual Studio 2017 and 2019. You can install this SDK and still also continue to submit your apps that target Windows 10 build 1903 or earlier to the Microsoft Store. The Windows SDK will now formally only be supported by Visual Studio 2017 [ more… ]

No Image

USN-4097-1: PHP vulnerabilities

2019-08-14 KENNETH 0

USN-4097-1: PHP vulnerabilities php7.0, php7.2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary PHP could be made to crash or execute arbitrary code if it received specially crafted image. Software Description php7.2 – HTML-embedded scripting language interpreter php7.0 – HTML-embedded scripting language interpreter Details It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 libapache2-mod-php7.2 – 7.2.19-0ubuntu0.19.04.2 php7.2-cgi – 7.2.19-0ubuntu0.19.04.2 php7.2-cli – 7.2.19-0ubuntu0.19.04.2 php7.2-fpm – 7.2.19-0ubuntu0.19.04.2 php7.2-xmlrpc – 7.2.19-0ubuntu0.19.04.2 Ubuntu 18.04 LTS libapache2-mod-php7.2 – 7.2.19-0ubuntu0.18.04.2 php7.2-cgi – 7.2.19-0ubuntu0.18.04.2 php7.2-cli – 7.2.19-0ubuntu0.18.04.2 php7.2-fpm – 7.2.19-0ubuntu0.18.04.2 php7.2-xmlrpc – 7.2.19-0ubuntu0.18.04.2 Ubuntu 16.04 LTS libapache2-mod-php7.0 [ more… ]

[도서] [예약판매] 블러드본 아트웍스

2019-08-14 KENNETH 0

[도서] [예약판매] 블러드본 아트웍스 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서][예약판매] 블러드본 아트웍스 소니인터렉티브엔터테인먼트,프롬소프트웨어 저/편집부 역 | 비엘북스 | 2019년 08월 판매가 31,500원 (10%할인) | YES포인트 1,750원(5%지급) [블러드본(Bloodborne)]은 저주받은 어둠의 도시 야남에서 벌어지는 액션 롤플레잉 게임이다. [아머드 코어], [다크소울] 시리즈로 유명한 프롬소프트웨어에서 개발되어 소니 인터렉티브 엔터테인먼트의 PS4 독점작 Source: [도서] [예약판매] 블러드본 아트웍스

No Image

NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

2019-08-14 KENNETH 0

NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities Today we are releasing updates to NGINX Open Source and NGINX Plus in response to the vulnerabilities recently discovered in the HTTP/2 protocol. We strongly recommend upgrading all systems that have HTTP/2 enabled. In May 2019, researchers at Netflix discovered a number of security vulnerabilities in several HTTP/2 server implementations. These were responsibly reported to each of the vendors and maintainers concerned. NGINX was vulnerable to three attack vectors, as detailed in the following CVEs: CVE-2019-9511 (Data dribble) CVE-2019-9513 (Resource loop) CVE-2019-9516 (Zero‑length headers leak) We have addressed these vulnerabilities, and added other HTTP/2 security safeguards, in the following NGINX versions: NGINX 1.16.1 (stable) NGINX 1.17.3 (mainline) NGINX Plus R18 P1 The post NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities appeared first on NGINX. Source: NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities