No Image

USN-4256-1: Cyrus SASL vulnerability

2020-01-28 KENNETH 0

USN-4256-1: Cyrus SASL vulnerability cyrus-sasl2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Cyrus SASL could be made to crash or execute arbitrary code if it received a specially crafted LDAP packet. Software Description cyrus-sasl2 – Cyrus Simple Authentication and Security Layer Details It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 libsasl2-2 – 2.1.27+dfsg-1ubuntu0.1 Ubuntu 18.04 LTS libsasl2-2 – 2.1.27~101-g0780600+dfsg-3ubuntu2.1 Ubuntu 16.04 LTS libsasl2-2 – 2.1.26.dfsg1-14ubuntu0.2 Ubuntu 14.04 ESM libsasl2-2 – 2.1.25.dfsg1-17ubuntu0.1~esm1 Ubuntu 12.04 ESM libsasl2-2 – 2.1.25.dfsg1-3ubuntu0.2 To update your system, please [ more… ]

Amazon RDS 스냅샷, Parquet 포맷 기반 Amazon S3 내보내기 기능 출시

2020-01-28 KENNETH 0

Amazon RDS 스냅샷, Parquet 포맷 기반 Amazon S3 내보내기 기능 출시 오늘날 AWS 고객은 복잡한 애플리케이션을 더 작은 조각으로 나누어 다양한 목적으로 구축 된 데이터베이스를 사용하여 고도로 분산 된 애플리케이션을 구축하여 올바른 작업에 적합한 툴을 선택할 수 있습니다. 데이터 저장소 및 애플리케이션의 수가 증가함에 따라 여러 데이터 소스에서 분석을 실행하는 것은 어려울 수 있습니다. 최근 AWS는 데이터 분석가, 엔지니어 및 데이터 과학자가 관계형, 비 관계형, 객체 및 맞춤형 데이터 소스에 저장된 데이터에 대해 SQL 쿼리를 실행할 수있는 Amazon Athena Federated Query 를 출시했습니다 . 또한 Amazon Redshift Federated Query를 사용하면 운영 데이터베이스, 데이터웨어 하우스 및 데이터 레이크에서 데이터를 쿼리하고 분석 할 수 있습니다. 이제 Amazon RDS, Amazon Aurora 및 DynamoDB의 라이브 데이터에 대한 쿼리를 두 가지 새로운 기능으로 Amazon Redshift 및 Amazon S3 환경에 대한 쿼리와 통합 할 수 있습니다. DB 스냅 샷 데이터를 Amazon S3로 내보내기 오늘 분석을위한 효율적인 개방형 컬럼 스토리지 형식 인 Apache Parquet 로 Amazon Relational Database Service (RDS) 또는 Amazon Aurora 스냅 [ more… ]

No Image

USN-4255-1: Linux kernel vulnerabilities

2020-01-28 KENNETH 0

USN-4255-1: Linux kernel vulnerabilities linux, linux-aws, linux-oem vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-oem – Linux kernel for OEM processors Details It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615) It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053) Update instructions The problem can be corrected by [ more… ]

No Image

USN-4254-1: Linux kernel vulnerabilities

2020-01-28 KENNETH 0

USN-4254-1: Linux kernel vulnerabilities linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-kvm – Linux kernel for cloud environments linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon processors Details It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615) It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly [ more… ]

No Image

USN-4253-1: Linux kernel vulnerability

2020-01-28 KENNETH 0

USN-4253-1: Linux kernel vulnerability linux, linux-aws vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Summary The Linux kernel could be made to expose sensitive information. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems Details It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 linux-image-5.3.0-1010-aws – 5.3.0-1010.11 linux-image-5.3.0-29-generic – 5.3.0-29.31 linux-image-5.3.0-29-generic-lpae – 5.3.0-29.31 linux-image-5.3.0-29-lowlatency – 5.3.0-29.31 linux-image-5.3.0-29-snapdragon – 5.3.0-29.31 linux-image-aws – 5.3.0.1010.12 linux-image-generic – 5.3.0.29.33 linux-image-generic-lpae – 5.3.0.29.33 linux-image-lowlatency – 5.3.0.29.33 linux-image-virtual – 5.3.0.29.33 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system [ more… ]