「セキュリティアドバイザリ」の版間の差分
ナビゲーションに移動
検索に移動
(ページの作成:「Category:Arch 開発 Category:セキュリティ en:Security Advisories {{Related articles start}} {{Related4|Arch CVE Monitoring Team}} {{Related4|CVE}} {{Re...」) |
(ArchWiki:アーカイブへの転送ページ) |
||
| (2人の利用者による、間の4版が非表示) | |||
| 1行目: | 1行目: | ||
| + | #redirect [[ArchWiki:アーカイブ]] |
||
| − | [[Category:Arch 開発]] |
||
| − | [[Category: |
+ | [[Category:アーカイブ]] |
| − | [[en:Security Advisories]] |
||
| − | {{Related articles start}} |
||
| − | {{Related4|Arch CVE Monitoring Team}} |
||
| − | {{Related4|CVE}} |
||
| − | {{Related articles end}} |
||
| − | |||
| − | セキュリティアドバイザリはコミュニティによって運営されている [[en2:Arch CVE Monitoring Team|Arch CVE Monitoring Team]] によって [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] メーリングリストで発行されています。公開されたアドバイザリは全て下に記載しています。最新のアドバイザリを受け取りたい時は [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] を講読することを推奨します。関連する CVE の情報は [[en2:Arch_CVE_Monitoring_Team|ACMT]] によって [[en2:CVE|CVE]] のページでまとめられています。 |
||
| − | |||
| − | ==計画されているアドバイザリ== |
||
| − | |||
| − | ==最近のアドバイザリ== |
||
| − | 以下は [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] メーリングリストに投稿されたセキュリティアドバイザリのアーカイブです。 |
||
| − | |||
| − | * [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} サービス拒否 |
||
| − | * [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} CRL 検証不備 |
||
| − | * [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} 認証迂回 |
||
| − | * [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} 複数の問題 |
||
| − | * [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} サービス拒否 |
||
| − | * [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} 複数の問題 |
||
| − | * [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} 情報漏洩 |
||
| − | |||
| − | === July 2015 === |
||
| − | * [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} サイレントダウングレード |
||
| − | * [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} サービス拒否 |
||
| − | * [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} 複数の問題 |
||
| − | * [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} 秘密鍵復元 |
||
| − | * [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} 権限昇格 |
||
| − | * [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} 複数の問題 |
||
| − | * [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} 認証制限迂回 |
||
| − | * [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} 複数の問題 |
||
| − | * [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} 複数の問題 |
||
| − | * [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} 任意コード実行 |
||
| − | * [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} 任意コード実行 |
||
| − | * [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} 中間者攻撃 |
||
| − | * [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} 複数の問題 |
||
| − | * [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} 複数の問題 |
||
| − | * [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} 複数の問題 |
||
| − | * [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} 中間者攻撃 |
||
| − | * [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} リモートコード実行 |
||
| − | * [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} サービス拒否 |
||
| − | * [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} サービス拒否 |
||
| − | * [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY 制限迂回 |
||
| − | * [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} 情報漏洩 |
||
| − | * [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} リモートコード実行 |
||
| − | * [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} 情報漏洩 |
||
| − | |||
| − | === June 2015 === |
||
| − | * [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} リモートコード実行 |
||
| − | * [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} 情報漏洩 |
||
| − | * [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} 情報漏洩 |
||
| − | * [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} 複数の問題 |
||
| − | * [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} 複数の問題 |
||
| − | * [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} バッファオーバーフロー |
||
| − | |||
| − | === May 2015 === |
||
| − | * [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} 情報漏洩 |
||
| − | * [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} 中間者攻撃 |
||
| − | * [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} 中間者攻撃 |
||
| − | * [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} 複数の問題 |
||
| − | * [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} サービス拒否 |
||
| − | * [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} サービス拒否 |
||
| − | * [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} 複数の問題 |
||
| − | * [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} 複数の問題 |
||
| − | * [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} 複数の問題 |
||
| − | * [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} 複数の問題 |
||
| − | * [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} 複数の問題 |
||
| − | * [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} 任意コード実行 |
||
| − | * [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} サービス拒否 |
||
| − | * [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} 複数の問題 |
||
| − | * [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} 複数の問題 |
||
| − | * [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} 任意コード実行 |
||
| − | * [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} 複数の問題 |
||
| − | * [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} 複数の問題 |
||
| − | * [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} 複数の問題 |
||
| − | * [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} 脆弱な証明書検証 |
||
| − | |||
| − | === Apr 2015 === |
||
| − | * [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml 外部実体参照 |
||
| − | * [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} サービス拒否 |
||
| − | * [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} 複数の問題 |
||
| − | * [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} 任意コード実行 |
||
| − | * [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} 複数の問題 |
||
| − | * [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} サービス拒否 |
||
| − | * [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} サービス拒否 |
||
| − | * [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} 任意コード実行 |
||
| − | * [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} 任意コード実行 |
||
| − | * [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} 複数の問題 |
||
| − | * [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} 複数の問題 |
||
| − | * [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} 複数の問題 |
||
| − | * [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} サービス拒否 |
||
| − | * [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} 複数の問題 |
||
| − | * [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} 複数の問題 |
||
| − | * [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} 複数の問題 |
||
| − | * [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} 複数の問題 |
||
| − | * [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} 複数の問題 |
||
| − | * [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} 複数の問題 |
||
| − | * [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} 証明書検証迂回 |
||
| − | * [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} サービス拒否 |
||
| − | * [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} 複数の問題 |
||
| − | * [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} 領域外参照 |
||
| − | * [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} サービス拒否 |
||
| − | * [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} 複数の問題 |
||
| − | * [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} 複数の問題 |
||
| − | * [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} 複数の問題 |
||
| − | * [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml 外部実体参照 |
||
| − | * [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} 証明書検証迂回 |
||
| − | * [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} スタックオーバーフロー |
||
| − | * [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} リモートコード実行 |
||
| − | * [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} 複数の問題 |
||
| − | |||
| − | === Mar 2015 === |
||
| − | * [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} 任意コード実行 |
||
| − | * [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip 整数オーバーフロー |
||
| − | * [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} サービス拒否 |
||
| − | * [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} コマンド参照 |
||
| − | * [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} ディレクトリトラバーサル |
||
| − | * [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} 複数の問題 |
||
| − | * [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} 複数の問題 |
||
| − | * [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} サービス拒否 |
||
| − | * [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} 複数の問題 |
||
| − | * [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} 複数の問題 |
||
| − | * [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} 複数の問題 |
||
| − | * [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} 複数の問題 |
||
| − | * [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} パスフレーズソルトのハードコード |
||
| − | * [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} 複数の問題 |
||
| − | * [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} 複数の問題 |
||
| − | * [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} 複数の問題 |
||
| − | * [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} チェックサム衝突 |
||
| − | * [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} 任意コード実行 |
||
| − | * [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} 任意コード実行 |
||
| − | * [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} クロスサイトスクリプティング |
||
| − | * [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} サービス拒否 |
||
| − | * [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} 複数の問題 |
||
| − | * [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} サービス拒否 |
||
| − | * [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} ディレクトリトラバーサル |
||
| − | * [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} ディレクトリトラバーサル |
||
| − | * [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} 情報漏洩 |
||
| − | |||
| − | === Feb 2015 === |
||
| − | * [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} 複数の問題 |
||
| − | * [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} 複数の問題 |
||
| − | * [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} 任意コード実行 |
||
| − | * [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} 複数の問題 |
||
| − | * [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} 情報漏洩とサービス拒否 |
||
| − | * [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} サービス拒否 |
||
| − | * [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} 任意ファイルへのリモート書込 |
||
| − | * [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} 複数の問題 |
||
| − | * [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} 複数の問題 |
||
| − | * [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} 任意コード実行 |
||
| − | * [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} 複数の問題 |
||
| − | * [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} 複数の問題 |
||
| − | * [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} 複数の問題 |
||
| − | * [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} リモートコード実行 |
||
| − | * [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} サービス拒否 |
||
| − | |||
| − | === Jan 2015 === |
||
| − | * [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} 複数の問題 |
||
| − | * [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} 任意コード実行 |
||
| − | * [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} 複数の問題 |
||
| − | * [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} 複数の問題 |
||
| − | * [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} 複数の問題 |
||
| − | * [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} 複数の問題 |
||
| − | * [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} 複数の問題 |
||
| − | * [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} リモートコード実行 |
||
| − | * [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} 複数の問題 |
||
| − | * [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} 複数の問題 |
||
| − | * [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} 複数の問題 |
||
| − | * [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} リモートコード実行 |
||
| − | * [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} サービス拒否 |
||
| − | * [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} サービス拒否 |
||
| − | * [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} 権限昇格 |
||
| − | * [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url リクエスト参照 |
||
| − | * [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} 複数の問題 |
||
| − | * [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} 複数の問題 |
||
| − | * [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} 複数の問題 |
||
| − | * [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} ヒープバッファオーバーフロー |
||
| − | * [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} ヒープオーバーフロー |
||
| − | * [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} 任意コード実行 |
||
| − | * [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} 複数の問題 |
||
| − | * [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} 複数の問題 |
||
| − | |||
| − | === Dec 2014 === |
||
| − | * [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} 複数の問題 |
||
| − | * [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} 解放済みメモリ使用 |
||
| − | * [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} 任意コード実行 |
||
| − | * [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} 任意コード実行 |
||
| − | * [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} 任意コード実行 |
||
| − | * [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} クロスサイトスクリプティング |
||
| − | * [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} 署名偽造 |
||
| − | * [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} サービス拒否 |
||
| − | * [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} 複数の問題 |
||
| − | * [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} 複数の問題 |
||
| − | * [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} 複数の問題 |
||
| − | * [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} 複数の問題 |
||
| − | * [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} 任意コード実行 |
||
| − | * [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} 任意コード実行 |
||
| − | * [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} 任意コード実行 |
||
| − | * [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} サービス拒否 |
||
| − | * [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} サービス拒否 |
||
| − | * [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} サービス拒否 |
||
| − | * [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} 複数の問題 |
||
| − | * [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} バッファオーバーフロー |
||
| − | * [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} 書式文字列攻撃 |
||
| − | * [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} 複数の問題 |
||
| − | * [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} サービス拒否 |
||
| − | * [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} サービス拒否 |
||
| − | |||
| − | === Nov 2014 === |
||
| − | * [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} サービス拒否 |
||
| − | * [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} 情報漏洩 |
||
| − | * [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} サービス拒否 |
||
| − | * [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} 任意コード実行 |
||
| − | * [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} ヒープバッファオーバーフロー |
||
| − | * [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} サービス拒否 |
||
| − | * [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} コマンド実行 |
||
| − | * [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} 複数の問題 |
||
| − | * [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} セッションハイジャックとサービス拒否 |
||
| − | * [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} サービス拒否 |
||
| − | * [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} サービス拒否 |
||
| − | * [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} サービス拒否 |
||
| − | * [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} サービス拒否 |
||
| − | * [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} 複数の問題 |
||
| − | * [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} 複数の問題 |
||
| − | * [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} 複数の問題 |
||
| − | * [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} 複数の問題 |
||
| − | * [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} サービス拒否 |
||
| − | * [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local サービス拒否, 権限昇格 |
||
| − | * [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local サービス拒否, 権限昇格 |
||
| − | * [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} サービス拒否 |
||
| − | * [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} サービス拒否 |
||
| − | * [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} リモートコード実行 |
||
| − | * [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} 領域外書込 |
||
| − | * [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} 領域外参照によるサービス拒否 |
||
| − | * [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} 任意コード実行とアクセス制限迂回 |
||
| − | * [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} 領域外参照 |
||
| − | * [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} ローカル権限昇格 |
||
| − | * [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} サービス拒否 |
||
| − | * [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} 複数の問題 |
||
| − | * [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql インジェクション |
||
| − | * [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} 複数の脆弱性 |
||
| − | * [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} 任意コマンド実行 |
||
| − | |||
| − | === Oct 2014 === |
||
| − | |||
| − | * [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} 任意ファイルシステムアクセス |
||
| − | * [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} 暗号化迂回 |
||
| − | * [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} サービス拒否 |
||
| − | * [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} サービス拒否 |
||
| − | * [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} リモートコード実行とリモート DoS |
||
| − | * [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} リモート DoS と情報漏洩 |
||
| − | * [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} 任意コマンド実行 |
||
| − | * [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL インジェクション |
||
| − | * [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} メモリリークと poodle |
||
| − | * [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} 中間者攻撃と反射攻撃 |
||
| − | * [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} サービス拒否 |
||
| − | * [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} クロスサイトスクリプティング (XSS) とクリックジャッキング |
||
| − | * [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} 複数の問題 |
||
| − | * [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} リモートサービス拒否 |
||
| − | |||
| − | === Sep 2014 === |
||
| − | |||
| − | * [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} 領域外参照 |
||
| − | * [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} クロスサイトスクリプティング (XSS) |
||
| − | * [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} 整数オーバーフローによる情報漏洩 |
||
| − | * [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} リモートコード実行 |
||
| − | * [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} 署名偽造攻撃 |
||
| − | |||
| − | ==新しいアドバイザリの公開== |
||
| − | |||
| − | アドバイザリを発行する前に該当するパッケージで脆弱性が修正されるのを待機するようにしています。非常に危険性が高い脆弱性の場合、対処方法が存在する場合にのみ、パッケージが修正される前にアドバイザリを発行することがあります。 |
||
| − | |||
| − | 新しいアドバイザリを公開したいときは、以下をチェックしてください: |
||
| − | * 該当する Arch Linux パッケージに本当に脆弱性が存在すること |
||
| − | * [[en2:Arch_CVE_Monitoring_Team#Procedure|Procedure]] が完了されていること |
||
| − | * まだ問題の脆弱性の Arch Linux セキュリティアドバイザリが公開されていないこと |
||
| − | * このページの"[[#計画されているアドバイザリ|計画されているアドバイザリ]]"のリストに問題の脆弱性のセキュリティアドバイザリが存在しないこと、存在する場合、誰かが既にアドバイザリに手をつけています |
||
| − | * パッケージの ouf-of-date フラグか (上流で問題の修正がリリースされている場合)、あるいは [https://bugs.archlinux.org/ bug-tracker] のエントリによってパッケージのメンテナに通知されていること (実際の作業は[[en2:Arch_CVE_Monitoring_Team#Procedure|こちら]]を参照) |
||
| − | |||
| − | 新しいアドバイザリを作成する手順: |
||
| − | * このページの"[[#計画されているアドバイザリ|計画されているアドバイザリ]]"のリストに行を追加して、アドバイザリを発行することを予め公知してください |
||
| − | * 以下のテンプレートを使ってアドバイザリを記述します |
||
| − | * アドバイザリを [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] メーリングリストに送信します (PGP で署名されたメールの方が好ましいですが、必須ではありません) |
||
| − | * 発行したアドバイザリを"[[#計画されているアドバイザリ|計画されているアドバイザリ]]"から"[[#最近のアドバイザリ|最近のアドバイザリ]]"に移動します |
||
| − | * 修正されたパッケージを [[en2:CVE#Documented_CVE.27s|CVE]] のページに追加して適当な ASA へのリンクを追加してください |
||
| − | |||
| − | ===テンプレート=== |
||
| − | |||
| − | {{bc|<nowiki> |
||
| − | Subject: |
||
| − | [ASA-<YYYYMM-N>] <Package>: <Vulnerability Type> |
||
| − | |||
| − | Body: |
||
| − | Arch Linux Security Advisory ASA-YYYYMM-N |
||
| − | ========================================= |
||
| − | |||
| − | Severity: Low, Medium, High, Critical |
||
| − | Date : YYYY-MM-DD |
||
| − | CVE-ID : <CVE-ID> |
||
| − | Package : <package> |
||
| − | Type : <Vulnerability Type> |
||
| − | Remote : <Yes/No> |
||
| − | Link : https://wiki.archlinux.org/index.php/CVE |
||
| − | |||
| − | Summary |
||
| − | ======= |
||
| − | |||
| − | The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>. |
||
| − | |||
| − | Resolution |
||
| − | ========== |
||
| − | |||
| − | Upgrade to <Arch Linux fixed version>. |
||
| − | |||
| − | # pacman -Syu "<package>>=<Arch Linux fixed version>" |
||
| − | |||
| − | The problem has been fixed upstream in version <upstream fixed version>. |
||
| − | |||
| − | Workaround |
||
| − | ========== |
||
| − | |||
| − | <Is there a way to mitigate this vulnerability without upgrading?> |
||
| − | |||
| − | Description |
||
| − | =========== |
||
| − | |||
| − | <Long description, for example from original advisory>. |
||
| − | |||
| − | Impact |
||
| − | ====== |
||
| − | |||
| − | < |
||
| − | What is it that an attacker can do? Does this need existing |
||
| − | pre-conditions to be exploited (valid credentials, physical access)? |
||
| − | Is this remotely exploitable? |
||
| − | >. |
||
| − | |||
| − | References |
||
| − | ========== |
||
| − | |||
| − | <CVE-Link> |
||
| − | <Upstream report> |
||
| − | <Arch Linux Bug-Tracker> |
||
| − | </nowiki>}} |
||
| − | |||
| − | ===Vim-Snippet=== |
||
| − | |||
| − | Vim-Snippet は archlinux のテンプレートを簡単に入力するための vim-ultisnips のプラグインです。{{pkg|vim-ultisnips}} をインストールして以下のテキストを {{ic|~/.vim/UltiSnips/all.snippets}} にコピーしてください。{{ic|CTRL+j}} でジャンプできます。 |
||
| − | |||
| − | {{bc|<nowiki> |
||
| − | snippet archsec "arch security form" |
||
| − | Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`${1} |
||
| − | ========================================= |
||
| − | |||
| − | Severity: ${2} |
||
| − | Date : `date -I -u` |
||
| − | CVE-ID : ${3} |
||
| − | Package : ${4} |
||
| − | Type : ${5} |
||
| − | Remote : ${6} |
||
| − | Link : https://wiki.archlinux.org/index.php/CVE |
||
| − | |||
| − | Summary |
||
| − | ======= |
||
| − | |||
| − | ${7} |
||
| − | |||
| − | Resolution |
||
| − | ========== |
||
| − | |||
| − | ${8} |
||
| − | |||
| − | Workaround |
||
| − | ========== |
||
| − | |||
| − | ${9} |
||
| − | |||
| − | Description |
||
| − | =========== |
||
| − | |||
| − | ${10} |
||
| − | |||
| − | Impact |
||
| − | ====== |
||
| − | |||
| − | ${11} |
||
| − | |||
| − | References |
||
| − | ========== |
||
| − | |||
| − | ${12} |
||
| − | endsnippet |
||
| − | </nowiki>}} |
||
2017年10月26日 (木) 21:12時点における最新版
転送先: