No Image

USN-2852-1: Linux kernel (Raspberry Pi 2) vulnerability

2015-12-20 KENNETH 0

Ubuntu Security Notice USN-2852-1 19th December, 2015 linux-raspi2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary The system could be made to provide access outside of namespace sandbox. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Jann Horn discovered a ptrace issue with user namespaces in the Linuxkernel. The namespace owner could potentially exploit this flaw by ptracinga root owned process entering the user namespace to elevate its privilegesand potentially gain access outside of the namespace.(http://bugs.launchpad.net/bugs/1527374) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: linux-image-4.2.0-1017-raspi2 4.2.0-1017.24 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel [ more… ]

The Benefits of Microcaching with NGINX

2015-12-19 KENNETH 0

NGINX and NGINX Plus are commonly used as web content caches, ranging from individual websites to some of the largest content delivery networks (CDNs) in the world, such as MaxCDN and CloudFlare. Microcaching is an effective method for accelerating the delivery of dynamic, non-personalized content by caching it for very short periods of time. In this article, we’ll see how to accelerate a WordPress-based application by up to 400x using the microcaching technique. Why Cache Content? The benefits of caching are two-fold: caching improves web performance by delivering content more quickly, and it reduces the load on the origin servers. The effectiveness of caching depends on the cacheability of the content. For how long can we store the content, how do we check for updates, and how many users can we send the same cached content to? Caching static content, such [ more… ]

No Image

XE 1.8.15 RELEASE

2015-12-18 KENNETH 0

출처 : https://www.xpressengine.com/devlog/23109961 다운로드 : https://www.xpressengine.com/index.php?mid=download&package_id=18325662 XE 1.8.15 버전이 릴리즈 되었습니다.   변경 내역 Secutiry #1813 레이아웃 미리보기 기능을 이용한 보안 취약점 고침 @bnu 한국인터넷진흥원에서 알려주셨습니다   Defect #1763 $GLOBALS[’HTTP_RAW_POST_DATA’] 버그 수정 @qkrcjfgus33 #1762 autoload 적용으로 필요없어진 상수 삭제 @qkrcjfgus33 #1735 getDbInfo -> getDBInfo @qkrcjfgus33 ~

No Image

BIND DNS 신규 취약점 보안 업데이트

2015-12-18 KENNETH 0

BIND DNS 신규 취약점 보안 업데이트   출처 : http://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=23846 □ 개요 o DNS 서비스를 위해 주로 이용하는 BIND DNS에 원격에서 서비스 거부를 발생시킬 수 있는 취약점이 발견 □ 설명 o 잘못된 클래스 속성 데이터를 응답 패킷에서 처리할 때 발생하는 서비스 거부 취약점(CVE-2015-8000) □ 영향 받는 소프트웨어 o BIND 9.0.x ~ 9.9.8 o BIND 9.10.0 ~ 9.10.3 □ 해결 방안 o BIND 9 버전 9.9.8-P2로 업데이트 o BIND 9 버전 9.10.3-P2로 업데이트 o BIND 9 버전 9.9.8-S3로 업데이트 □ 기타 문의사항 o 한국인터넷진흥원 인터넷침해대응센터: 국번없이 118 [참고사이트] – https://kb.isc.org/article/AA-01317 – http://www.isc.org/downloads/