No Image

USN-3365-1: Ruby vulnerabilities

2017-07-26 KENNETH 0

USN-3365-1: Ruby vulnerabilities Ubuntu Security Notice USN-3365-1 25th July, 2017 ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Ruby. Software description ruby1.9.1 – Object-oriented scripting language ruby2.0 – Object-oriented scripting language ruby2.3 – Object-oriented scripting language Details It was discovered that Ruby DL::dlopen incorrectly handled openinglibraries. An attacker could possibly use this issue to open libraries withtainted names. This issue only applied to Ubuntu 14.04 LTS. (CVE-2009-5147) Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the RubyOpenSSL extension incorrectly handled hostname wildcard matching. Thisissue only applied to Ubuntu 14.04 LTS. (CVE-2015-1855) Christian Hofstaedtler discovered that Ruby Fiddle::Handle incorrectlyhandled certain crafted strings. An attacker could use this issue to causea denial of service, or possibly execute arbitrary code. [ more… ]

No Image

The End of an Era – Next Steps for Adobe Flash

2017-07-26 KENNETH 0

The End of an Era – Next Steps for Adobe Flash Today, Adobe announced that Flash will no longer be supported after 2020. Microsoft will phase out support for Flash in Microsoft Edge and Internet Explorer ahead of this date. Flash led the way on the web for rich content, gaming, animations, and media of all kinds, and inspired many of the current web standards powering HTML5. Adobe has partnered with Microsoft, Google, Mozilla, Apple, and many others, to ensure that the open web could meet and exceed the experiences that Flash has traditionally provided. HTML5 standards, implemented across all modern browsers, provide these capabilities with improved performance, battery life, and increased security. We look forward to continuing to work with Adobe and our industry partners on enriching the open web without the need for plug-ins. We will phase out [ more… ]

No Image

RHSA-2017:1599-2: Important: ansible security update

2017-07-25 KENNETH 0

RHSA-2017:1599-2: Important: ansible security update Red Hat Enterprise Linux: An update for ansible is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-7466, CVE-2017-7481 Source: RHSA-2017:1599-2: Important: ansible security update

MS Paint is here to stay

2017-07-25 KENNETH 0

MS Paint is here to stay Today, we’ve seen an incredible outpouring of support and nostalgia around MS Paint. If there’s anything we learned, it’s that after 32 years, MS Paint has a lot of fans. It’s been amazing to see so much love for our trusty old app. Amidst today’s commentary around MS Paint we wanted to take this opportunity to set the record straight, clear up some confusion and share some good news: MS Paint is here to stay, it will just have a new home soon, in the Windows Store where it will be available for free. Paint 3D – the new app for creativity, also available for free with the Windows 10 Creators Update, will continue to get new feature updates. In addition to the new 3D capabilities, many of the MS Paint features people know [ more… ]

Amazon RDS for SQL Server – 윈도 인증 기능 서울 리전 출시

2017-07-25 KENNETH 0

Amazon RDS for SQL Server – 윈도 인증 기능 서울 리전 출시 2012년에 Amazon RDS 서비스에 대한 SQL Server 지원을 처음 시작했습니다. 그 후 SSL 지원, 주요 버전 업그레이드, 데이터 암호화 및 Multi-AZ를 포함한 많은 기능을 추가했습니다. 이러한 신규 기능은 SQL Server 기반 RDS 적용 범위를 넓히고 고객들의 추가 사용 사례를 열었습니다. 윈도우즈 워크로드를 실행하는 많은 기업에서 Active Directory를 기반한 계정 자격 증명 및 관련 사용 권한을 지정합니다. 디렉토리는이 정보에 대한 단일 소스를 제공하며 중앙 집중식 관리를 허용합니다. 지난 3월에 출시된 AWS Directory Service를 사용하여 Microsoft Active Directory의 Enterprise Edition을 실행을 오늘 부터 서울 리전에서도 사용 가능합니다. 서울 리전, 윈도 인증 지원 Microsoft Active Directory (Enterprise Edition)를 통해 AWS Directory Service에 저장된 자격 증명을 사용하여 SQL Server용 Amazon RDS에 대한 애플리케이션 인증을 허용 할 수 있습니다. 동일한 디렉토리에 모든 자격 증명을 유지함으로서 더 이상 각 복사본을 찾고 업데이트 할 필요가 [ more… ]