USN-2956-1: ubuntu-core-launcher vulnerability

2016-04-30 KENNETH 0

Ubuntu Security Notice USN-2956-1
29th April, 2016

ubuntu-core-launcher vulnerability

A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS

Summary
ubuntu-core-launcher did not properly isolate snaps from one another.

Software description
ubuntu-core-launcher – Snap application launcher

Details
Zygmunt Krynicki discovered that ubuntu-core-launcher did not properly sanitize its input and contained a logic error when determining the mountpoint of bind mounts when using snaps on traditional Ubuntu systems (e.g., desktop and server). If a user were tricked into installing a malicious snap with a crafted snap name, an attacker could perform a delayed attack to steal data or execute code within the security context of another snap. This issue did not affect Ubuntu Core systems.

Update instructions
The problem can be corrected by updating your system to the following package version:
Ubuntu 16.04 LTS: ubuntu-core-launcher 1.0.27.1

To update your system, [ more… ]

RHSA-2016:0701-1: Critical: java-1.7.1-ibm security update

2016-04-29 KENNETH 0

Red Hat Enterprise Linux: An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449

Source: RHSA-2016:0701-1: Critical: java-1.7.1-ibm security update

RHSA-2016:0702-1: Critical: java-1.7.0-ibm security update

2016-04-29 KENNETH 0

Red Hat Enterprise Linux: An update for java-1.7.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449

Source: RHSA-2016:0702-1: Critical: java-1.7.0-ibm security update

Apache Struts2 Security Update Advisory

2016-04-29 KENNETH 0

Source: http://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=24223

□ Overview
o Security updates addressing remote code execution and other vulnerabilities in Apache Struts 2 have been released [1][2]
o Users of affected versions are advised to update to the latest version

□ Description
o Remote code execution vulnerabilities (CVE-2016-3081, CVE-2016-3082) [3][4]

□ Affected versions
o Struts 2.0.0 through Struts 2.3.28 (excluding 2.3.20.3 and 2.3.24.3)

□ Resolution
o Update to Struts 2.3.20.3, 2.3.24.3, or 2.3.28.1

□ Other inquiries
o Korea Internet & Security Agency (KISA), Internet Incident Response Center: dial 118 (no area code)

[References]
[1] http://struts.apache.org/download.cgi#struts23281
[2] http://struts.apache.org/docs/version-notes-23281.html
[3] http://struts.apache.org/docs/s2-031.html
[4] http://struts.apache.org/docs/s2-032.html