[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[upki-fed:01018] Shibboleth SPの脆弱性について(2016.2.26)
- Subject: [upki-fed:01018] Shibboleth SPの脆弱性について(2016.2.26)
- Date: Fri, 26 Feb 2016 16:54:00 +0900
- From: 国立情報学研究所 学認事務局 野田 <xxxxxxxxxxxxxx@xxxxxxxxx>
�$B3XG'>pJs8r49�(BML�$B!!MxMQpJs3X8&5f=j!!3XG';vL36I$NLnED$G$9!#�(B
�$BJ?AG$h$j3XG'$N;v6H$K$46(NO$r;r$j!$$"$j$,$H$&$4$6$$$^$9!#�(B
Shibboleth Project�$B$h$j!$�(BShibboleth SP�$B$G;HMQ$9$k�(BApache Xerces-C XML
Parser�$B$K4X$9$k@Hr7o$K3:Ev$9$k>l9g$K$O@H$C$F�(BSP�$B$r9=C[$7$?>l9g!$�(BOS�$B$O�(BCentOS�$B$N�(B5�$B7O$^$?$O�(B6�$B7O$H$J$j�(B
�$B$^$9!#$3$l$i$N�(BOS�$B$N>l9g$K$O!$�(BOS�$BA4BN!$$^$?$O�(BShibboleth SP�$B4XO"%Q%C%1!<%8$r�(B
�$B:G?7HG$K%"%C%W%G!<%H$7$F$/$@$5$$!#�(B[2]
https://meatwiki.nii.ac.jp/confluence/pages/viewpage.action?pageId=11666753
OS�$B$r�(BRHEL7�$B7OE}�(B(CentOS7�$BEy�(B)�$B$G�(BSP�$B$r9=C[$7$?>l9g!$�(BApache Xerces-C XML
Parser�$B$O%G%#%9%H%j%S%e!<%7%g%s$,Ds6!$9$k%Q%C%1!<%8�(B(xerces-c)�$B$r;HMQ$7$^$9!#�(B
2016/2/26�$B;~E@$G$O%G%#%9%H%j%S%e!<%7%g%s$+$i=$@5%Q%C%1!<%8$,%j%j!<%9$5$l�(B
�$B$F$$$^$;$s$,!$%j%j!<%9$5$lpJs�(B:
[1] CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input
https://shibboleth.net/pipermail/announce/2016-February/000141.html
http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
[2] �$B3XG'5;=Q%,%$%I�(B SP�$B%"%C%W%G!<%H$K4X$9$k>pJs�(B
https://meatwiki.nii.ac.jp/confluence/pages/viewpage.action?pageId=11666753
--
=========================================================
�$B!!9qN)>pJs3X8&5f=j�(B �$B3X=Q4pHW2]�(B �$B3XG';vL36I!!!JC4Ev!'LnED!K�(B
�$B!!�(BTEL�$B!'�(B03-4212-2218�$B!!�(xxxxxxxxxxxxxxx@xxxxxxxxx
�$B!!3XG'�(BWeb�$B%Z!<%8�(B https://www.gakunin.jp/
�$B!!?=@A%7%9%F%`�(B https://office.gakunin.nii.ac.jp/
=========================================================