No Image

RHSA-2017:0263-1: Critical: java-1.8.0-ibm security update

2017-02-09 KENNETH 0

RHSA-2017:0263-1: Critical: java-1.8.0-ibm security update Red Hat Enterprise Linux: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289 Source: RHSA-2017:0263-1: Critical: java-1.8.0-ibm security update

No Image

USN-3194-1: OpenJDK 7 vulnerabilities

2017-02-09 KENNETH 0

USN-3194-1: OpenJDK 7 vulnerabilities Ubuntu Security Notice USN-3194-1 8th February, 2017 openjdk-7 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in OpenJDK 7. Software description openjdk-7 – Open Source Java implementation Details Karthik Bhargavan and Gaetan Leurent discovered that the DES andTriple DES ciphers were vulnerable to birthday attacks. A remoteattacker could possibly use this flaw to obtain clear text data fromlong encrypted sessions. This update moves those algorithms to thelegacy algorithm set and causes them to be used only if no non-legacyalgorithms can be negotiated. (CVE-2016-2183) It was discovered that OpenJDK accepted ECSDA signatures usingnon-canonical DER encoding. An attacker could use this to modify orexpose sensitive data. (CVE-2016-5546) It was discovered that OpenJDK did not properly verify objectidentifier (OID) length when reading Distinguished [ more… ]

Get Smart: Operational Intelligence for NGINX and NGINX Plus With Splunk Enterprise

2017-02-09 KENNETH 0

Get Smart: Operational Intelligence for NGINX and NGINX Plus With Splunk Enterprise Splunk® Enterprise is data collection and analysis software that makes it simple to act on the untapped value of the big data generated by your technology infrastructure, security systems, and business applications – giving you the insights to drive operational performance and business results. NGINX, Inc. and Splunk have teamed up to offer the Splunk Add‑On for NGINX and NGINX Plus, which assists with indexing both NGINX log data and NGINX Plus API data, so you can glean valuable information about your NGINX or NGINX Plus deployment and the applications running within your infrastructure. This blog provides step‑by‑step instructions for downloading and configuring the Add‑On, including the following topics: Installing the Splunk Add‑On for NGINX and NGINX Plus Installing the Splunk universal forwarder Configuring logging for NGINX and NGINX Plus Enabling the Splunk Add‑On to [ more… ]

No Image

USN-3180-1: Oxide vulnerabilities

2017-02-09 KENNETH 0

USN-3180-1: Oxide vulnerabilities Ubuntu Security Notice USN-3180-1 8th February, 2017 oxide-qt vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Oxide. Software description oxide-qt – Web browser engine for Qt (QML plugin) Details Multiple vulnerabilities were discovered in Chromium. If a user weretricked in to opening a specially crafted website, an attacker couldpotentially exploit these to conduct cross-site scripting (XSS) attacks,read uninitialized memory, obtain sensitive information, spoof thewebview URL or other UI components, bypass same origin restrictions orother security restrictions, cause a denial of service via applicationcrash, or execute arbitrary code. (CVE-2017-5006, CVE-2017-5007,CVE-2017-5008, CVE-2017-5009, CVE-2017-5010, CVE-2017-5011, CVE-2017-5012,CVE-2017-5014, CVE-2017-5017, CVE-2017-5019, CVE-2017-5022, CVE-2017-5023,CVE-2017-5024, CVE-2017-5025, CVE-2017-5026) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: liboxideqtcore0 [ more… ]

MARS future looking sweeter with Microsoft technology

2017-02-09 KENNETH 0

MARS future looking sweeter with Microsoft technology Whether it’s grabbing gum at checkout, satisfying late-afternoon hunger with a Milky Way ®, or even buying pet food for that unconditional loving best friend, we’ve all been surrounded by MARS products and might not even know it! As a century-old family-owned business, MARS has certainly found its recipe for success. The company has made $35 billion in global sales by putting people first in everything they do. With 60 brands across six segments from food, drinks, chocolate, confectionary (gum), pet care and symbioscience, the company is more than just sweet treats. MARS understands a long-term vision that is committed to product, technology and workplace innovation based on the company’s Five Principles– Quality, Responsibility, Mutuality, Efficiency and Freedom. MARS has long valued a workplace that encourages mutuality and open communication among all Associates. [ more… ]