---------- Forwarded message ---------
From: benjamin.romer@canonical.com
Date: Apr 15, 2020 7:33AM
Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine)
emulated the IOAPIC. A privileged guest user could exploit this flaw to
read host memory or cause a denial of service (crash the host).
(CVE-2013-1798)
It was discovered that the KVM implementation in the Linux kernel, when
paravirtual TLB flushes are enabled in guests, the hypervisor in some
situations could miss deferred TLB flushes or otherwise mishandle them. An
attacker in a guest VM could use this to expose sensitive information (read
memory from another guest VM). (CVE-2019-3016)
Al Viro discovered that the vfs layer in the Linux kernel contained a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly expose sensitive information (kernel
memory). (CVE-2020-8428)
References:
CVE-2013-1798, CVE-2019-3016, CVE-2020-8428
2020年4月28日 星期二
Roku: How to watch your local news live
Looking for live, local news coverage of events in your local areas? Here are tips on finding and streaming your local news.
TrendLabs: OpenSMTPD Vulnerability (CVE-2020-8794) Can Lead to Root Privilege Escalation and Remote Code Execution
Figure 3. Lines injected to envelope for older versions
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/opensmtpd-vulnerability-cve-2020-8794-can-lead-to-root-privilege-escalation-and-remote-code-execution/
[USN-4330-1] PHP vulnerabilities
---------- Forwarded message ---------
From: Leonidas S. Barbosa
Date: Apr 15, 2020 11:35PM
It was discovered that PHP incorrectly handled certain file uploads.
An attacker could possibly use this issue to cause a crash.
(CVE-2020-7062)
It was discovered that PHP incorrectly handled certain PHAR archive files.
An attacker could possibly use this issue to access sensitive information.
(CVE-2020-7063)
It was discovered that PHP incorrectly handled certain EXIF files.
An attacker could possibly use this issue to access sensitive information
or cause a crash. (CVE-2020-7064)
It was discovered that PHP incorrectly handled certain UTF strings.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue only affected Ubuntu 19.10. (CVE-2020-7065)
It was discovered that PHP incorrectly handled certain URLs.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10.
(CVE-2020-7066)
References:
https://usn.ubuntu.com/4330-1
CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065,
CVE-2020-7066
From: Leonidas S. Barbosa
Date: Apr 15, 2020 11:35PM
It was discovered that PHP incorrectly handled certain file uploads.
An attacker could possibly use this issue to cause a crash.
(CVE-2020-7062)
It was discovered that PHP incorrectly handled certain PHAR archive files.
An attacker could possibly use this issue to access sensitive information.
(CVE-2020-7063)
It was discovered that PHP incorrectly handled certain EXIF files.
An attacker could possibly use this issue to access sensitive information
or cause a crash. (CVE-2020-7064)
It was discovered that PHP incorrectly handled certain UTF strings.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue only affected Ubuntu 19.10. (CVE-2020-7065)
It was discovered that PHP incorrectly handled certain URLs.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10.
(CVE-2020-7066)
References:
https://usn.ubuntu.com/4330-1
CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065,
CVE-2020-7066
Cloudflare: Introducing 1.1.1.1 for Families
ADMIN: Kali Linux 2020.1 (Live)
REF: https://www.admin-magazine.com/Archive/2020/56/Kali-Linux-2020.1-Live
[Openvpn-announce] OpenVPN 2.4.9 released
---------- Forwarded message ---------
The OpenVPN community project team is proud to release OpenVPN 2.4.9. It
can be downloaded from here:
<https://openvpn.net/community
This is primarily a maintenance release with bugfixes and improvements.
This release also fixes a security issue (CVE-2020-11810, trac #1272)
which allows disrupting service of a freshly connected client that has
not yet not negotiated session keys. The vulnerability cannot be used to
inject or steal VPN traffic.
A summary of all included changes is available here:
<https://github.com/OpenVPN/op
A full list of changes is available here:
<https://community.openvpn.net
Please note that LibreSSL is not a supported crypto backend. We accept
patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if
newer versions of LibreSSL break API compatibility we do not take
responsibility to fix that.
From: Samuli Seppänen
Date: Fri, Apr 17, 2020 at 8:54 PM
Date: Fri, Apr 17, 2020 at 8:54 PM
The OpenVPN community project team is proud to release OpenVPN 2.4.9. It
can be downloaded from here:
<https://openvpn.net/community
This is primarily a maintenance release with bugfixes and improvements.
This release also fixes a security issue (CVE-2020-11810, trac #1272)
which allows disrupting service of a freshly connected client that has
not yet not negotiated session keys. The vulnerability cannot be used to
inject or steal VPN traffic.
A summary of all included changes is available here:
<https://github.com/OpenVPN/op
A full list of changes is available here:
<https://community.openvpn.net
Please note that LibreSSL is not a supported crypto backend. We accept
patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if
newer versions of LibreSSL break API compatibility we do not take
responsibility to fix that.
2020年4月20日 星期一
[USN-4329-1] Git vulnerability
---------- Forwarded message ---------
From: Marc Deslauriers
Date: Apr 15, 2020 7:32AM
Felix Wilhelm discovered that Git incorrectly handled certain URLs that
included newlines. A remote attacker could possibly use this issue to trick
Git into returning credential information for a wrong host.
References:
https://usn.ubuntu.com/4329-1
CVE-2020-5260
From: Marc Deslauriers
Date: Apr 15, 2020 7:32AM
Felix Wilhelm discovered that Git incorrectly handled certain URLs that
included newlines. A remote attacker could possibly use this issue to trick
Git into returning credential information for a wrong host.
References:
https://usn.ubuntu.com/4329-1
CVE-2020-5260
2020年4月19日 星期日
Cloudflare: How We Built CloudflareTV Loading..
[USN-4325-1] Linux kernel vulnerabilities
---------- Forwarded message ---------
From: Steve Beattie
Date: Apr 8, 2020 7:59AM
It was discovered that the IPMI message handler implementation in the Linux
kernel did not properly deallocate memory in certain situations. A local
attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2019-19046)
Al Viro discovered that the vfs layer in the Linux kernel contained a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly expose sensitive information (kernel
memory). (CVE-2020-8428)
References:
https://usn.ubuntu.com/4325-1
CVE-2019-19046, CVE-2020-8428
From: Steve Beattie
Date: Apr 8, 2020 7:59AM
It was discovered that the IPMI message handler implementation in the Linux
kernel did not properly deallocate memory in certain situations. A local
attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2019-19046)
Al Viro discovered that the vfs layer in the Linux kernel contained a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly expose sensitive information (kernel
memory). (CVE-2020-8428)
References:
https://usn.ubuntu.com/4325-1
CVE-2019-19046, CVE-2020-8428
TrendLabs: Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
Figure 1. Operation Overtrap three-pronged attack flow
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/operation-overtrap-targets-japanese-online-banking-users-via-bottle-exploit-kit-and-brand-new-cinobi-banking-trojan/
[USN-4320-1] Linux kernel vulnerability
---------- Forwarded message ---------
From: Steve Beattie
Date: Apr 7, 2020 5:36AM
Al Viro discovered that the vfs layer in the Linux kernel contained a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly expose sensitive information (kernel
memory).
References:
https://usn.ubuntu.com/4320-1
CVE-2020-8428
From: Steve Beattie
Date: Apr 7, 2020 5:36AM
Al Viro discovered that the vfs layer in the Linux kernel contained a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly expose sensitive information (kernel
memory).
References:
https://usn.ubuntu.com/4320-1
CVE-2020-8428
[USN-4327-1] libssh vulnerability
---------- Forwarded message ---------
From: Marc Deslauriers
Date: Apr 9, 2020 9:14PM
Yasheng Yang discovered that libssh incorrectly handled AES-CTR ciphers. A
remote attacker could possibly use this issue to cause libssh to crash,
resulting in a denial of service.
References:
https://usn.ubuntu.com/4327-1
CVE-2020-1730
From: Marc Deslauriers
Date: Apr 9, 2020 9:14PM
Yasheng Yang discovered that libssh incorrectly handled AES-CTR ciphers. A
remote attacker could possibly use this issue to cause libssh to crash,
resulting in a denial of service.
References:
https://usn.ubuntu.com/4327-1
CVE-2020-1730
2020年4月12日 星期日
2020年4月11日 星期六
[USN-4317-1] Firefox vulnerabilities
---------- Forwarded message ---------
From: Chris Coulson
Date: Apr 4, 2020 9:41PM
Two use-after-free bugs were discovered in Firefox. If a user were tricked
in to opening a specially crafted website, an attacker could exploit these
to cause a denial of service or execute arbitrary code.fi
References:
https://usn.ubuntu.com/4317-1
CVE-2020-6819, CVE-2020-6820
From: Chris Coulson
Date: Apr 4, 2020 9:41PM
Two use-after-free bugs were discovered in Firefox. If a user were tricked
in to opening a specially crafted website, an attacker could exploit these
to cause a denial of service or execute arbitrary code.fi
References:
https://usn.ubuntu.com/4317-1
CVE-2020-6819, CVE-2020-6820
Using Cloudflare to secure your cardholder data environment
REF: https://blog.cloudflare.com/using-cloudflare-to-secure-your-cardholder-data-environment/
FSF: Modern GNU/Linux Systems Should Run Old Games: Open Source Community
REF: https://fossbytes.com/modern-gnu-linux-systems-must-run-old-games-open-source-community/
Cloudflare: Why We Started Putting Unpopular Assets in Memory
REF: https://blog.cloudflare.com/why-we-started-putting-unpopular-assets-in-memory/
[USN-4309-1] Vim vulnerabilities
---------- Forwarded message ---------
From: Leonidas S. Barbosa
Date: Mar 24, 2020 12:06AM
It was discovered that Vim incorrectly handled certain sources.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and
Ubuntu 16.04 LTS (CVE-2017-1110)
It was discovered that Vim incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
(CVE-2017-5953)
It was discovered that Vim incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 16.06 LTS. (CVE-2018-20786)
It was discovered that Vim incorrectly handled certain inputs. An attacker
could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 19.10. (CVE-2019-20079)
It was discovered that Vim incorrectly handled certain files. An attacker
could possibly use this issue to execute arbitrary code. This issue
only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS.
(CVE-2017-6349, CVE-2017-6350)
References:
https://usn.ubuntu.com/4309-1
CVE-2017-11109, CVE-2017-5953, CVE-2017-6349, CVE-2017-6350,
CVE-2018-20786, CVE-2019-20079
From: Leonidas S. Barbosa
Date: Mar 24, 2020 12:06AM
It was discovered that Vim incorrectly handled certain sources.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and
Ubuntu 16.04 LTS (CVE-2017-1110)
It was discovered that Vim incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
(CVE-2017-5953)
It was discovered that Vim incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 16.06 LTS. (CVE-2018-20786)
It was discovered that Vim incorrectly handled certain inputs. An attacker
could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 19.10. (CVE-2019-20079)
It was discovered that Vim incorrectly handled certain files. An attacker
could possibly use this issue to execute arbitrary code. This issue
only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS.
(CVE-2017-6349, CVE-2017-6350)
References:
https://usn.ubuntu.com/4309-1
CVE-2017-11109, CVE-2017-5953, CVE-2017-6349, CVE-2017-6350,
CVE-2018-20786, CVE-2019-20079
2020年4月6日 星期一
Roku: 11 ways to stream workouts at home
Miss the gym? Yoga classes? No problem. Workout at home for 10 minutes – or longer. All you need is a TV and your Roku device.
[USN-4313-1] Linux kernel vulnerability
---------- Forwarded message ---------
From: Steve Beattie
Date: Mar 31, 2020 2:39AM
Manfred Paul discovered that the bpf verifier in the Linux kernel did not
properly calculate register bounds for certain operations. A local attacker
could use this to expose sensitive information (kernel memory) or gain
administrative privileges.
References:
https://usn.ubuntu.com/4313-1
CVE-2020-8835
From: Steve Beattie
Date: Mar 31, 2020 2:39AM
Manfred Paul discovered that the bpf verifier in the Linux kernel did not
properly calculate register bounds for certain operations. A local attacker
could use this to expose sensitive information (kernel memory) or gain
administrative privileges.
References:
https://usn.ubuntu.com/4313-1
CVE-2020-8835
Cloudflare: Adding the Fallback Pool to the Load Balancing UI and other significant UI enhancements
REF: https://blog.cloudflare.com/adding-the-fallback-pool-to-the-load-balancing-ui/
2020年4月3日 星期五
Cloudflare: Cloudflare now supports security keys with Web Authentication (WebAuthn)!
REF: https://blog.cloudflare.com/cloudflare-now-supports-security-keys-with-web-authentication-webauthn/
[Checkmk Announce] New Checkmk stable release 1.6.0p11
---------- Forwarded message ---------
From: Checkmk Announcements
Date: Fri, Apr 3, 2020 at 2:09 AM
Checks & agents:
* 10691 mk_logwatch supports UTF-16 LE BOM encoded files
* 10753 FIX: Allow more printable ASCII characters in email addresses
* 10534 FIX: Check_MK discovery: Was not always able to discover new snmp checks
* 10840 FIX: Fix evaluation of time specific parameters if default parameters are tuple based
* 10984 FIX: Show upper levels in bandwidth graph
* 10942 FIX: agent_graylog: Updated mkp of feature pack to version 1.1
* 10944 FIX: agent_jira: Updated mkp of feature pack to version 1.2
* 10983 FIX: check_dns: Fix "DNS CRITICAL - expected 'A,B,...' but got 'B,A,...'"
* 10839 FIX: if.include: Fix missing performance data of interface groups on clusters
* 10838 FIX: lnx_if: Fix grouping of interfaces on clusters
* 10898 FIX: lnx_if: Fix unity parsing bug
* 10985 FIX: systemd_units: Fix single service discovery
* 10948 FIX: systemd_units: WATO rules modification to allow compability
User interface:
* 10754 Remove failed notifications immediately
* 11010 FIX: Fixed missleading host attribute help text
* 11009 FIX: Fixed possible ValueError while searching for werk id in release notes
* 11011 FIX: Fixed title for copied rulesets
* 10879 FIX: View CSV export: Add titles of icons to exported columns
WATO:
* 10533 WATO Rule Search: Performance Improvements
* 10869 FIX: Fix potential "Request-URI Too Long" error when editing huge tag groups
* 10874 FIX: Notification rules: Fix empty "Notification method" dropdown field
* 10875 FIX: Services: Escape service details equal to status views
* 10870 FIX: Tags: Fix exception when renaming an existing tag choice
You can download Checkmk from our download page:
* https://checkmk.com/download.php
From: Checkmk Announcements
Date: Fri, Apr 3, 2020 at 2:09 AM
Checks & agents:
* 10691 mk_logwatch supports UTF-16 LE BOM encoded files
* 10753 FIX: Allow more printable ASCII characters in email addresses
* 10534 FIX: Check_MK discovery: Was not always able to discover new snmp checks
* 10840 FIX: Fix evaluation of time specific parameters if default parameters are tuple based
* 10984 FIX: Show upper levels in bandwidth graph
* 10942 FIX: agent_graylog: Updated mkp of feature pack to version 1.1
* 10944 FIX: agent_jira: Updated mkp of feature pack to version 1.2
* 10983 FIX: check_dns: Fix "DNS CRITICAL - expected 'A,B,...' but got 'B,A,...'"
* 10839 FIX: if.include: Fix missing performance data of interface groups on clusters
* 10838 FIX: lnx_if: Fix grouping of interfaces on clusters
* 10898 FIX: lnx_if: Fix unity parsing bug
* 10985 FIX: systemd_units: Fix single service discovery
* 10948 FIX: systemd_units: WATO rules modification to allow compability
User interface:
* 10754 Remove failed notifications immediately
* 11010 FIX: Fixed missleading host attribute help text
* 11009 FIX: Fixed possible ValueError while searching for werk id in release notes
* 11011 FIX: Fixed title for copied rulesets
* 10879 FIX: View CSV export: Add titles of icons to exported columns
WATO:
* 10533 WATO Rule Search: Performance Improvements
* 10869 FIX: Fix potential "Request-URI Too Long" error when editing huge tag groups
* 10874 FIX: Notification rules: Fix empty "Notification method" dropdown field
* 10875 FIX: Services: Escape service details equal to status views
* 10870 FIX: Tags: Fix exception when renaming an existing tag choice
You can download Checkmk from our download page:
* https://checkmk.com/download.php
2020年4月2日 星期四
Cloudflare:Addressing the Web’s Client-Side Security Challenge
Cloudflare: When Bloom filters don't bloom
REF: https://blog.cloudflare.com/when-bloom-filters-dont-bloom/
ADMIN: Suricata with built-in machine learning
REF: https://www.admin-magazine.com/Archive/2020/56/OPNids-Suricata-with-built-in-machine-learning
Cloudflare: Gen X Performance Tuning
Join Automattic and Bitnami Developers as They Deploy WordPress
 | |
Automattic and Bitnami engineers have worked hand in hand to show you how to launch WordPress with Jetpack on Google Cloud Platform and optimize it for your website needs. The official WordPress image on Google Cloud Platform with the Jetpack plugin (included by default) helps you improve the performance and security of your site.
|
Using Cloudflare Gateway to Stay Productive (and turn off distractions) While Working Remotely
Cloudflare: Securing Memory at EPYC Scale
REF: https://blog.cloudflare.com/securing-memory-at-epyc-scale/
TrendLabs: Security Risks in Online Coding Platforms
Figure 1. Local versus cloud-based IDEREF: https://blog.trendmicro.com/trendlabs-security-intelligence/security-risks-in-online-coding-platforms/
訂閱:
文章 (Atom)