No Image

USN-2915-2: Django regression

2016-03-07 KENNETH 0

USN-2915-2: Django regression Ubuntu Security Notice USN-2915-2 7th March, 2016 python-django regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Summary USN-2915-1 introduced a regression in Django. Software description python-django – High-level Python web development framework Details USN-2915-1 fixed vulnerabilities in Django. The upstream fix forCVE-2016-2512 introduced a regression for certain applications. This updatefixes the problem. Original advisory details: Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. (CVE-2016-2512) Sjoerd Job Postmus discovered that Django incorrectly handled timing when doing password hashing operations. A remote attacker could possibly use this issue to perform user enumeration. (CVE-2016-2513) Update instructions The problem can be corrected by updating your system to the [ more… ]

No Image

USN-2921-1: Squid vulnerabilities

2016-03-07 KENNETH 0

USN-2921-1: Squid vulnerabilities Ubuntu Security Notice USN-2921-1 7th March, 2016 squid3 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Squid. Software description squid3 – Web proxy cache server Details Sebastian Krahmer discovered that Squid incorrectly handled certain SNMPrequests. If SNMP is enabled, a remote attacker could use this issue tocause Squid to crash, resulting in a denial of service, or possibly executearbitrary code. (CVE-2014-6270) Alex Rousskov discovered that Squid incorrectly handled certain malformedresponses. A remote attacker could possibly use this issue to cause Squidto crash, resulting in a denial of service. (CVE-2016-2571) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: squid3 3.3.8-1ubuntu16.2 Ubuntu 14.04 LTS: squid3 3.3.8-1ubuntu6.6 Ubuntu 12.04 LTS: squid3 [ more… ]

No Image

RHSA-2016:0359-1: Important: chromium-browser security update

2016-03-07 KENNETH 0

RHSA-2016:0359-1: Important: chromium-browser security update Red Hat Enterprise Linux: Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2016-1630, CVE-2016-1631, CVE-2016-1632, CVE-2016-1633, CVE-2016-1634, CVE-2016-1635, CVE-2016-1636, CVE-2016-1637, CVE-2016-1638, CVE-2016-1639, CVE-2016-1640, CVE-2016-1641, CVE-2016-1642 Source: RHSA-2016:0359-1: Important: chromium-browser security update

No Image

RHSA-2016:0358-1: Low: openstack-glance security update

2016-03-07 KENNETH 0

RHSA-2016:0358-1: Low: openstack-glance security update Red Hat Enterprise Linux: Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6. Red Hat Product Security has rated this update as having a Low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2016-0757 Source: RHSA-2016:0358-1: Low: openstack-glance security update

[도서] 인터넷 서비스

2016-03-07 KENNETH 0

[도서] 인터넷 서비스 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]인터넷 서비스 김용성,은희주,김정윤 공저 | 생능출판사 | 2016년 03월 판매가 27,000원 (0%할인) | YES포인트 0원(0%지급) 이 책은 이론 중심인 본책과 문제 중심인 워크북으로 이루어져 있다. 본책으로는 이론과 실생활에서 그 이론이 어떻게 응용되고 활용되는지를 표, 그림, 사진 등을 통해 쉽게 이해할 수 있게 하였다. 또 본책을 요약 Source: [도서] 인터넷 서비스