「セキュリティアドバイザリ」の版間の差分

提供: ArchWiki
ナビゲーションに移動 検索に移動
(同期)
(ArchWiki:アーカイブへの転送ページ)
 
(2人の利用者による、間の3版が非表示)
1行目: 1行目:
  +
#redirect [[ArchWiki:アーカイブ]]
[[Category:Arch 開発]]
 
[[Category:セキュリティ]]
+
[[Category:アーカイブ]]
[[en:Security Advisories]]
 
{{Related articles start}}
 
{{Related3|Arch CVE Monitoring Team|Arch CVE 監視チーム}}
 
{{Related4|CVE}}
 
{{Related3|Security Advisories/Examples|セキュリティアドバイザリ/サンプル}}
 
{{Related articles end}}
 
 
セキュリティアドバイザリはコミュニティによって運営されている [[en2:Arch CVE Monitoring Team|Arch CVE Monitoring Team]] によって [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] メーリングリストで発行されています。公開されたアドバイザリは全て下に記載しています。最新のアドバイザリを受け取りたい時は [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] を講読することを推奨します。関連する CVE の情報は [[en2:Arch_CVE_Monitoring_Team|ACMT]] によって [[en2:CVE|CVE]] のページでまとめられています。
 
 
==計画されているアドバイザリ==
 
 
==最近のアドバイザリ==
 
以下は [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] メーリングリストに投稿されたセキュリティアドバイザリのアーカイブです。
 
 
=== October 2016 ===
 
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000747.html ASA-201610-19] {{pkg|lib32-flashplugin}} 任意コード実行
 
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000746.html ASA-201610-18] {{pkg|flashplugin}} 任意コード実行
 
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000745.html ASA-201610-17] {{pkg|ocaml}} 情報漏洩
 
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000744.html ASA-201610-16] {{pkg|linux-grsec}} 権限昇格
 
* [23 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000743.html ASA-201610-15] {{pkg|chromium}} 複数の問題
 
* [22 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000742.html ASA-201610-14] {{pkg|linux}} 権限昇格
 
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000741.html ASA-201610-13] {{pkg|python-django}} クロスサイトリクエストフォージェリ
 
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000740.html ASA-201610-12] {{pkg|python2-django}} クロスサイトリクエストフォージェリ
 
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000739.html ASA-201610-11] {{pkg|linux-lts}} 権限昇格
 
* [16 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000738.html ASA-201610-10] {{pkg|guile}} 複数の問題
 
* [13 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000737.html ASA-201610-9] {{pkg|gdk-pixbuf2}} 任意コード実行
 
* [11 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000736.html ASA-201610-8] {{pkg|crypto++}} 情報漏洩
 
* [09 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000735.html ASA-201610-7] {{pkg|wpa_supplicant}} 複数の問題
 
* [08 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000734.html ASA-201610-6] {{pkg|imagemagick}} 複数の問題
 
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000733.html ASA-201610-5] {{pkg|messagelib}} 複数の問題
 
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000732.html ASA-201610-4] {{pkg|kcoreaddons}} insufficient validation
 
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000731.html ASA-201610-3] {{pkg|hostapd}} 複数の問題
 
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000730.html ASA-201610-2] {{pkg|systemd}} サービス拒否攻撃
 
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html ASA-201610-1] {{pkg|chromium}} 任意コード実行
 
 
=== September 2016 ===
 
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000728.html ASA-201609-32] {{pkg|wordpress}} 複数の問題
 
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000727.html ASA-201609-31] {{pkg|c-ares}} 任意コード実行
 
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000726.html ASA-201609-30] {{pkg|openssl}} サービス拒否攻撃
 
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000725.html ASA-201609-29] {{pkg|bind}} サービス拒否攻撃
 
* [27 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000724.html ASA-201609-28] {{pkg|lib32-openssl}} サービス拒否攻撃
 
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000723.html ASA-201609-27] {{pkg|wireshark-cli}} サービス拒否攻撃
 
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000722.html ASA-201609-26] {{pkg|lib32-gnutls}} certificate verification bypass
 
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000721.html ASA-201609-25] {{pkg|gnutls}} certificate verification bypass
 
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html ASA-201609-24] {{pkg|lib32-openssl}} 複数の問題
 
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html ASA-201609-23] {{pkg|openssl}} 複数の問題
 
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000718.html ASA-201609-22] {{pkg|firefox}} 複数の問題
 
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000717.html ASA-201609-21] {{pkg|tomcat7}} proxy injection
 
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000716.html ASA-201609-20] {{pkg|irssi}} 任意コード実行
 
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19] {{pkg|curl}} サービス拒否攻撃
 
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18] {{pkg|lib32-curl}} サービス拒否攻撃
 
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17] {{pkg|lib32-jansson}} サービス拒否攻撃
 
* [18 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16] {{pkg|php}} 複数の問題
 
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15] {{pkg|jansson}} サービス拒否攻撃
 
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14] {{pkg|lib32-libgcrypt}} 情報漏洩
 
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13] {{pkg|chromium}} 複数の問題
 
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12] {{pkg|lib32-flashplugin}} 複数の問題
 
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] {{pkg|flashplugin}} 複数の問題
 
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} 複数の問題
 
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} サービス拒否攻撃
 
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} サービス拒否攻撃
 
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection
 
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} 複数の問題
 
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal
 
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} 複数の問題
 
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} 任意コード実行
 
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} 複数の問題
 
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} 複数の問題
 
 
=== August 2016 ===
 
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} 任意コード実行
 
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} 任意コード実行
 
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} サービス拒否攻撃
 
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} 複数の問題
 
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} 情報漏洩
 
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} 情報漏洩
 
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} 複数の問題
 
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} 情報漏洩
 
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} 複数の問題
 
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} 情報漏洩
 
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} 情報漏洩
 
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} クロスサイトスクリプティング
 
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} 任意コード実行
 
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} 複数の問題
 
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access
 
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} サービス拒否攻撃
 
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} サービス拒否攻撃
 
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} 複数の問題
 
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} 複数の問題
 
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} 複数の問題
 
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} 複数の問題
 
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} 情報漏洩
 
 
=== July 2016 ===
 
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} サービス拒否攻撃
 
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} 情報漏洩
 
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} 複数の問題
 
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} クロスサイトスクリプティング
 
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} クロスサイトスクリプティング
 
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection
 
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} サービス拒否攻撃
 
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} 複数の問題
 
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} 複数の問題
 
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} 任意コード実行
 
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} 任意コード実行
 
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} 任意コード実行
 
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} サービス拒否攻撃
 
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} 任意コード実行
 
 
=== June 2016 ===
 
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} 複数の問題
 
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} 任意コード実行
 
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} 任意コード実行
 
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} 任意コード実行
 
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} 任意コード実行
 
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} 任意コード実行
 
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload
 
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} 複数の問題
 
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} サービス拒否攻撃
 
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} サービス拒否攻撃
 
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} 複数の問題
 
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} 複数の問題
 
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} 複数の問題
 
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite
 
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} サービス拒否攻撃
 
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite
 
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} 複数の問題
 
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} 複数の問題
 
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} 複数の問題
 
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} 複数の問題
 
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} 複数の問題
 
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification
 
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} 任意コード実行
 
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} サービス拒否攻撃
 
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} サービス拒否攻撃
 
 
=== May 2016 ===
 
 
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} 複数の問題
 
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} 複数の問題
 
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} 中間者攻撃
 
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} クロスサイトスクリプティング
 
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} 任意コード実行
 
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} 任意コード実行
 
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} 任意コード実行
 
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} 任意コード実行
 
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} 複数の問題
 
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} 複数の問題
 
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} 任意コード実行
 
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} サービス拒否攻撃
 
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} 任意コード実行
 
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} 複数の問題
 
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} SQL インジェクション
 
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} 複数の問題
 
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} サービス拒否攻撃
 
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} サービス拒否攻撃
 
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} 任意コード実行
 
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} 任意コード実行
 
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} 任意コード実行
 
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} 複数の問題
 
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} 任意コード実行
 
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} サービス拒否攻撃
 
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} 複数の問題
 
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} 複数の問題
 
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} 複数の問題
 
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} 複数の問題
 
 
=== April 2016 ===
 
 
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} 複数の問題
 
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} 複数の問題
 
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} 複数の問題
 
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} 複数の問題
 
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} サービス拒否攻撃
 
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} 複数の問題
 
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} サービス拒否攻撃
 
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} 任意コード実行
 
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} 任意コード実行
 
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} 任意コード実行
 
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} 任意コード実行
 
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} サービス拒否攻撃
 
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} サンドボックス脱獄
 
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} サンドボックス脱獄
 
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} サンドボックス脱獄
 
 
=== March 2016 ===
 
 
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} サンドボックス脱獄
 
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} サンドボックス脱獄
 
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} サンドボックス脱獄
 
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} 複数の問題
 
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} 任意コード実行
 
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} 複数の問題
 
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} 複数の問題
 
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} リモートコマンドインジェクション
 
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} コマンドインジェクション
 
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} 任意コード実行
 
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} サービス拒否攻撃
 
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} サービス拒否攻撃
 
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} サービス拒否攻撃
 
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} 任意コード実行
 
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} サービス拒否攻撃
 
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} コマンドインジェクション
 
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} 任意コード実行
 
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} 任意コード実行
 
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation
 
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} 権限昇格
 
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} サービス拒否攻撃
 
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} 任意コード実行
 
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} 複数の問題
 
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} 複数の問題
 
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} 複数の問題
 
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} 複数の問題
 
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} 複数の問題
 
 
=== February 2016 ===
 
 
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL インジェクション
 
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage
 
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage
 
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} 中間者攻撃
 
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} 中間者攻撃
 
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction
 
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} 中間者攻撃
 
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} 複数の問題
 
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} 複数の問題
 
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} 複数の問題
 
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} 複数の問題
 
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} サービス拒否攻撃
 
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass
 
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} 複数の問題
 
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass
 
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} 複数の問題
 
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} 複数の問題
 
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} サービス拒否攻撃
 
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations
 
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations
 
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} 中間者攻撃
 
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} 中間者攻撃
 
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass
 
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass
 
 
=== January 2016 ===
 
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} 中間者攻撃
 
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} 中間者攻撃
 
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} サービス拒否攻撃
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} 権限昇格
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} 中間者攻撃
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} 複数の問題
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} サービス拒否攻撃
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} 権限昇格
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} 権限昇格
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery
 
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery
 
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} サービス拒否攻撃
 
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} サービス拒否攻撃
 
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} 権限昇格
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} リモートコード実行
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} 情報漏洩
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} 情報漏洩
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} 情報漏洩
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} 情報漏洩
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} 情報漏洩
 
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} 情報漏洩
 
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} 情報漏洩
 
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} 複数の問題
 
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} 複数の問題
 
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} サービス拒否攻撃
 
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} サービス拒否攻撃
 
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} サービス拒否攻撃
 
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} サービス拒否攻撃
 
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} サービス拒否攻撃
 
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} 中間者攻撃
 
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} クロスサイトスクリプティング
 
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} 複数の問題
 
 
=== December 2015 ===
 
 
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read
 
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} バッファオーバーフロー
 
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} 複数の問題
 
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free
 
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} 複数の問題
 
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} 複数の問題
 
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} バッファオーバーフロー
 
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection
 
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage
 
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} サービス拒否攻撃
 
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} 複数の問題
 
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} 情報漏洩
 
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} 複数の問題
 
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} 複数の問題
 
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} 複数の問題
 
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} サービス拒否攻撃
 
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} 情報漏洩
 
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} 複数の問題
 
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} 複数の問題
 
 
=== November 2015 ===
 
 
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} 複数の問題
 
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} 複数の問題
 
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} 複数の問題
 
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} 情報漏洩
 
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} 任意コード実行
 
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} サービス拒否攻撃
 
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} 複数の問題
 
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} 任意コード実行
 
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} 任意コード実行
 
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} 複数の問題
 
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} 複数の問題
 
 
=== October 2015 ===
 
 
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} サービス拒否攻撃
 
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} サービス拒否攻撃
 
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} 複数の問題
 
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing
 
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} サービス拒否攻撃
 
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect
 
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} 複数の問題
 
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} 複数の問題
 
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} 複数の問題
 
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} 複数の問題
 
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} 複数の問題
 
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} 複数の問題
 
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} 複数の問題
 
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} 複数の問題
 
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} 任意コード実行
 
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} 任意コード実行
 
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass
 
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} 任意コード実行
 
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} 複数の問題
 
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} 複数の問題
 
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} 複数の問題
 
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} 複数の問題
 
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation
 
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} サービス拒否攻撃
 
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} サービス拒否攻撃
 
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} サービス拒否攻撃
 
 
=== September 2015 ===
 
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass
 
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} サービス拒否攻撃
 
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} 複数の問題
 
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} 複数の問題
 
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} 複数の問題
 
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} 複数の問題
 
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} 複数の問題
 
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} サービス拒否攻撃
 
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} サービス拒否攻撃
 
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} サービス拒否攻撃
 
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} 複数の問題
 
 
=== August 2015 ===
 
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} 複数の問題
 
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} 任意コード実行
 
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} サービス拒否攻撃
 
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} サービス拒否攻撃
 
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} サービス拒否攻撃
 
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} サービス拒否
 
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} CRL 検証不備
 
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} 認証迂回
 
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} 複数の問題
 
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} サービス拒否
 
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} 複数の問題
 
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} 情報漏洩
 
 
=== July 2015 ===
 
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} サイレントダウングレード
 
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} サービス拒否
 
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} 複数の問題
 
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} 秘密鍵復元
 
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} 権限昇格
 
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} 複数の問題
 
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} 認証制限迂回
 
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} 複数の問題
 
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} 複数の問題
 
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} 任意コード実行
 
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} 任意コード実行
 
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} 中間者攻撃
 
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} 複数の問題
 
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} 複数の問題
 
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} 複数の問題
 
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} 中間者攻撃
 
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} リモートコード実行
 
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} サービス拒否
 
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} サービス拒否
 
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY 制限迂回
 
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} 情報漏洩
 
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} リモートコード実行
 
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} 情報漏洩
 
 
=== June 2015 ===
 
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} リモートコード実行
 
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} 情報漏洩
 
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} 複数の問題
 
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} 複数の問題
 
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} バッファオーバーフロー
 
 
=== May 2015 ===
 
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} 情報漏洩
 
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} 中間者攻撃
 
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} 中間者攻撃
 
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} 複数の問題
 
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} サービス拒否
 
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} サービス拒否
 
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} 複数の問題
 
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} 複数の問題
 
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} 複数の問題
 
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} 複数の問題
 
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} 複数の問題
 
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} 任意コード実行
 
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} サービス拒否
 
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} 複数の問題
 
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} 複数の問題
 
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} 任意コード実行
 
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} 複数の問題
 
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} 複数の問題
 
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} 複数の問題
 
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} 脆弱な証明書検証
 
 
=== Apr 2015 ===
 
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml 外部実体参照
 
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} サービス拒否
 
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} 複数の問題
 
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} 任意コード実行
 
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} 複数の問題
 
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} サービス拒否
 
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} サービス拒否
 
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} 任意コード実行
 
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} 任意コード実行
 
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} 複数の問題
 
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} 複数の問題
 
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} 複数の問題
 
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} サービス拒否
 
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} 複数の問題
 
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} 複数の問題
 
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} 複数の問題
 
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} 複数の問題
 
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} 複数の問題
 
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} 複数の問題
 
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} 証明書検証迂回
 
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} サービス拒否
 
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} 複数の問題
 
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} 領域外参照
 
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} サービス拒否
 
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} 複数の問題
 
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} 複数の問題
 
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} 複数の問題
 
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml 外部実体参照
 
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} 証明書検証迂回
 
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} スタックオーバーフロー
 
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} リモートコード実行
 
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} 複数の問題
 
 
=== Mar 2015 ===
 
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} 任意コード実行
 
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip 整数オーバーフロー
 
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} サービス拒否
 
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} コマンド参照
 
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} ディレクトリトラバーサル
 
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} 複数の問題
 
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} 複数の問題
 
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} サービス拒否
 
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} 複数の問題
 
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} 複数の問題
 
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} 複数の問題
 
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} 複数の問題
 
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} パスフレーズソルトのハードコード
 
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} 複数の問題
 
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} 複数の問題
 
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} 複数の問題
 
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} チェックサム衝突
 
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} 任意コード実行
 
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} 任意コード実行
 
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} クロスサイトスクリプティング
 
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} サービス拒否
 
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} 複数の問題
 
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} サービス拒否
 
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} ディレクトリトラバーサル
 
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} ディレクトリトラバーサル
 
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} 情報漏洩
 
 
=== Feb 2015 ===
 
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} 複数の問題
 
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} 複数の問題
 
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} 任意コード実行
 
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} 複数の問題
 
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} 情報漏洩とサービス拒否
 
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} サービス拒否
 
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} 任意ファイルへのリモート書込
 
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} 複数の問題
 
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} 複数の問題
 
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} 任意コード実行
 
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} 複数の問題
 
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} 複数の問題
 
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} 複数の問題
 
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} リモートコード実行
 
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} サービス拒否
 
 
=== Jan 2015 ===
 
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} 複数の問題
 
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} 任意コード実行
 
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} 複数の問題
 
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} 複数の問題
 
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} 複数の問題
 
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} 複数の問題
 
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} 複数の問題
 
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} リモートコード実行
 
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} 複数の問題
 
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} 複数の問題
 
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} 複数の問題
 
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} リモートコード実行
 
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} サービス拒否
 
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} サービス拒否
 
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} 権限昇格
 
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url リクエスト参照
 
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} 複数の問題
 
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} 複数の問題
 
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} 複数の問題
 
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} ヒープバッファオーバーフロー
 
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} ヒープオーバーフロー
 
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} 任意コード実行
 
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} 複数の問題
 
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} 複数の問題
 
 
=== Dec 2014 ===
 
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} 複数の問題
 
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} 解放済みメモリ使用
 
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} 任意コード実行
 
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} 任意コード実行
 
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} 任意コード実行
 
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} クロスサイトスクリプティング
 
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} 署名偽造
 
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} サービス拒否
 
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} 複数の問題
 
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} 複数の問題
 
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} 複数の問題
 
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} 複数の問題
 
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} 任意コード実行
 
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} 任意コード実行
 
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} 任意コード実行
 
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} サービス拒否
 
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} サービス拒否
 
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} サービス拒否
 
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} 複数の問題
 
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} バッファオーバーフロー
 
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} 書式文字列攻撃
 
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} 複数の問題
 
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} サービス拒否
 
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} サービス拒否
 
 
=== Nov 2014 ===
 
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} サービス拒否
 
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} 情報漏洩
 
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} サービス拒否
 
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} 任意コード実行
 
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} ヒープバッファオーバーフロー
 
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} サービス拒否
 
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} コマンド実行
 
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} 複数の問題
 
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} セッションハイジャックとサービス拒否
 
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} サービス拒否
 
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} サービス拒否
 
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} サービス拒否
 
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} サービス拒否
 
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} 複数の問題
 
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} 複数の問題
 
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} 複数の問題
 
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} 複数の問題
 
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} サービス拒否
 
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local サービス拒否, 権限昇格
 
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local サービス拒否, 権限昇格
 
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} サービス拒否
 
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} サービス拒否
 
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} リモートコード実行
 
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} 領域外書込
 
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} 領域外参照によるサービス拒否
 
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} 任意コード実行とアクセス制限迂回
 
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} 領域外参照
 
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} ローカル権限昇格
 
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} サービス拒否
 
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} 複数の問題
 
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql インジェクション
 
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} 複数の脆弱性
 
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} 任意コマンド実行
 
 
=== Oct 2014 ===
 
 
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} 任意ファイルシステムアクセス
 
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} 暗号化迂回
 
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} サービス拒否
 
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} サービス拒否
 
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} リモートコード実行とリモート DoS
 
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} リモート DoS と情報漏洩
 
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} 任意コマンド実行
 
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL インジェクション
 
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} メモリリークと poodle
 
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} 中間者攻撃と反射攻撃
 
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} サービス拒否
 
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} クロスサイトスクリプティング (XSS) とクリックジャッキング
 
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} 複数の問題
 
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} リモートサービス拒否
 
 
=== Sep 2014 ===
 
 
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} 領域外参照
 
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} クロスサイトスクリプティング (XSS)
 
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} 整数オーバーフローによる情報漏洩
 
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} リモートコード実行
 
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} 署名偽造攻撃
 
 
==新しいアドバイザリの公開==
 
 
アドバイザリを発行する前に該当するパッケージで脆弱性が修正されるのを待機するようにしています。非常に危険性が高い脆弱性の場合、対処方法が存在する場合にのみ、パッケージが修正される前にアドバイザリを発行することがあります。
 
 
新しいアドバイザリを公開したいときは、以下をチェックしてください:
 
* 該当する Arch Linux パッケージに本当に脆弱性が存在すること。
 
* [[en2:Arch_CVE_Monitoring_Team#Procedure|Procedure]] が完了されていること。
 
* まだ問題の脆弱性の Arch Linux セキュリティアドバイザリが公開されていないこと。
 
* このページの"[[#計画されているアドバイザリ|計画されているアドバイザリ]]"のリストに問題の脆弱性のセキュリティアドバイザリが存在しないこと、存在する場合、誰かが既にアドバイザリに手をつけています。
 
* パッケージの ouf-of-date フラグか (上流で問題の修正がリリースされている場合)、あるいは [https://bugs.archlinux.org/ bug-tracker] のエントリによってパッケージのメンテナに通知されていること (実際の作業は[[en2:Arch_CVE_Monitoring_Team#Procedure|こちら]]を参照)。
 
 
新しいアドバイザリを作成する手順:
 
* このページの"[[#計画されているアドバイザリ|計画されているアドバイザリ]]"のリストに行を追加して、アドバイザリを発行することを予め公知してください。
 
* 以下のテンプレートを使ってアドバイザリを記述します。
 
* アドバイザリを [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] メーリングリストに送信します (PGP で署名されたメールの方が好ましいですが、必須ではありません)。
 
* 発行したアドバイザリを"[[#計画されているアドバイザリ|計画されているアドバイザリ]]"から"[[#最近のアドバイザリ|最近のアドバイザリ]]"に移動します。
 
* 修正されたパッケージを [[en2:CVE#Documented_CVE.27s|CVE]] のページに追加して適当な ASA へのリンクを追加してください。
 
 
===テンプレート===
 
 
{{bc|<nowiki>
 
Subject:
 
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type>
 
 
Body:
 
Arch Linux Security Advisory ASA-YYYYMM-N
 
=========================================
 
 
Severity: Low, Medium, High, Critical
 
Date : YYYY-MM-DD
 
CVE-ID : <CVE-ID>
 
Package : <package>
 
Type : <Vulnerability Type>
 
Remote : <Yes/No>
 
Link : https://wiki.archlinux.org/index.php/CVE
 
 
Summary
 
=======
 
 
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.
 
 
Resolution
 
==========
 
 
Upgrade to <Arch Linux fixed version>.
 
 
# pacman -Syu "<package>>=<Arch Linux fixed version>"
 
 
The problem has been fixed upstream in version <upstream fixed version>.
 
 
Workaround
 
==========
 
 
<Is there a way to mitigate this vulnerability without upgrading?>
 
 
Description
 
===========
 
 
<Long description, for example from original advisory>.
 
 
Impact
 
======
 
 
<
 
What is it that an attacker can do? Does this need existing
 
pre-conditions to be exploited (valid credentials, physical access)?
 
Is this remotely exploitable?
 
>.
 
 
References
 
==========
 
 
<CVE-Link>
 
<Upstream report>
 
<Arch Linux Bug-Tracker>
 
</nowiki>}}
 
 
===Vim-Snippet===
 
 
Vim-Snippet は archlinux のテンプレートを簡単に入力するための vim-ultisnips のプラグインです。{{pkg|vim-ultisnips}} をインストールして以下のテキストを {{ic|~/.vim/UltiSnips/all.snippets}} にコピーしてください。{{ic|CTRL+j}} でジャンプできます。
 
 
{{bc|<nowiki>
 
snippet archsec "arch security form"
 
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}
 
========================================${1/./=/g}
 
 
Severity: ${2}
 
Date : `date -I -u`
 
CVE-ID : $3
 
Package : $4
 
Type : $5
 
Remote : ${6}
 
Link : https://wiki.archlinux.org/index.php/CVE
 
 
Summary
 
=======
 
 
The package $4 before version $7 is vulnerable to $5 ${8}
 
 
Resolution
 
==========
 
 
Upgrade to $7.
 
 
# pacman -Syu "$4>=$7"
 
 
${9:The problems have been fixed upstream in version ${7/-\d+$/./}}
 
 
Workaround
 
==========
 
 
${10:None.}
 
 
Description
 
===========
 
 
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g}
 
 
Impact
 
======
 
 
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12}
 
 
References
 
==========
 
 
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}
 
${13}
 
endsnippet
 
 
</nowiki>}}
 

2017年10月26日 (木) 21:12時点における最新版