-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 JPCERT-WR-2015-0101 JPCERT/CC 2015-01-07 <<< JPCERT/CC WEEKLY REPORT 2015-01-07 >>> $B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B $B"#(B12/21($BF|(B)$B!A(B01/03($BEZ(B) $B$N%;%-%e%j%F%#4XO">pJs(B $B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B == $BL\(B $BpJs(B $B!Z:#=5$N$R$H$/$A%a%b![C4EvR2p$9$k%;%-%e%j%F%#4XO">pJs$NA*Dj4p=`$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B https://www.jpcert.or.jp/wr/ $B"((BHTML $BHG$*$h$S(B XML $BHG$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B https://www.jpcert.or.jp/wr/2015/wr150101.html https://www.jpcert.or.jp/wr/2015/wr150101.xml ============================================================================ $B!Z(B1$B![(BGit $B%/%i%$%"%s%H$*$h$S(B Mercurial $B%/%i%$%"%s%H$K@HpJs8;(B Git Blame Git 1.8.5.6, 1.9.5, 2.0.5, 2.1.4 and 2.2.1 and thanking friends in Mercurial land http://git-blame.blogspot.com.es/2014/12/git-1856-195-205-214-and-221-and.html $B35MW(B Git $B%/%i%$%"%s%H$*$h$S(B Mercurial $B%/%i%$%"%s%H$K$O@HpJs$r>e=q$-$7!"%/%i%$%"%s%H%^%7%s>e$GG$0U$N%3%^%s%I$r(B $B]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O0J2<$NDL$j$G$9!#(B - Git 1.8.5.6 $B$h$jA0$N%P!<%8%g%s(B - Git 1.9.5 $B$h$jA0$N%P!<%8%g%s(B - Git 2.0.5 $B$h$jA0$N%P!<%8%g%s(B - Git 2.1.4 $B$h$jA0$N%P!<%8%g%s(B - Git 2.2.1 $B$h$jA0$N%P!<%8%g%s(B - Mercurial 3.2.3 $B$h$jA0$N%P!<%8%g%s(B $B$3$NLdBj$O!"3+H/\:Y$K$D$$$F$O!"3+H/pJs$r;2>H$7$F2<$5(B $B$$!#(B $B4XO"J8=q(B ($BF|K\8l(B) Mercurial $BF|K\8l%f!<%6%0%k!<%W(B $B!Z6[5^%;%-%e%j%F%#BP=h![(B Mercurial 3.2.3 is released ! https://groups.google.com/forum/#!topic/mercurial-ja/GWE55H-hNp8 $B4XO"J8=q(B ($B1Q8l(B) Git Blame Git 1.8.5.6, 1.9.5, 2.0.5, 2.1.4 and 2.2.1 and thanking friends in Mercurial land http://git-blame.blogspot.com.es/2014/12/git-1856-195-205-214-and-221-and.html Apple About the security content of Xcode 6.2 beta 3 http://support.apple.com/en-us/HT204147 Microsoft Git vulnerability with .git config http://blogs.msdn.com/b/bharry/archive/2014/12/18/git-vulnerability-with-git-config.aspx Mercurial Release Notes 2. Mercurial 3.2.3 (2014-12-18) http://mercurial.selenic.com/wiki/WhatsNew#Mercurial_3.2.3_.282014-12-18.29 $B!Z(B2$B![!V(Bntpd $B$KJ#?t$N@HpJs(B $B>pJs8;(B US-CERT Current Activity Apple Releases Security Updates for OS X https://www.us-cert.gov/ncas/current-activity/2014/12/23/Apple-Releases-Security-Updates-OS-X $B35MW(B JPCERT/CC WEEKLY REPORT 2014-12-25$B9f!Z(B1$B![$G>R2p$7$?!V(Bntpd $B$KJ#?t$N@HpJs$G$9!#(B Apple $B$,(B Mac OS X $B8~$1$N%"%C%W%G!<%H$r(B 2014$BG/(B12$B7n(B22$BF|$K8x3+$7$^$7$?!#(B $B>\:Y$K$D$$$F$O!"(BApple $B$,Ds6!$9$k>pJs$r;2>H$7$F2<$5$$!#(B $B4XO"J8=q(B ($B1Q8l(B) Apple About OS X NTP Security Update http://support.apple.com/en-us/HT6601 $B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B $B"#:#=5$N$R$H$/$A%a%b(B $B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B $B!{C4Evl$r$*R2p$7$?$$$H;W$$$^$9!#(B - Windows XP $B$*$h$S4XO"@=IJ$N%5%]!<%H=*N;(B 2014$BG/(B4$B7n(B9$BF|$G!"(BWindows XP $B$N%5%]!<%H$,=*N;$7$^$7$?!#$"$o$;$F(B Microsoft Office 2003$B!"(BWindows XP $B8~$1(B Internet Explorer 6 $B$b%5%]!<%H$,=*N;$7(B $B$^$7$?!#(B Microsoft Windows XP $B$H(B Office 2003 $B$N%5%]!<%H$r=*N;$5$;$F$$$?$@$-$^$7$?(B https://www.microsoft.com/ja-jp/windows/lifecycle/xp_eos.aspx - Heartbleed$B!"(BShellshock $B$J$I1F6A$NBg$-$$@HpJsO3$($$;v7oH/@8$H8D?M>pJsJ]8n%,%$%I%i%$%s2~@5(B $BBg5,LO$J8D?M>pJsO3$($$;v7o$,J#?tH/@8$7!"Bg$-$J%K%e!<%9$K$J$j$^$7$?!#(B $B$3$l$i$N8D?M>pJsO3$($$;v7oH/@8$J$I$r$&$1!"7P:Q;:6H>J$G$O!"7P:Q;:6HJ,(B $BLn$N8D?M>pJsJ]8n%,%$%I%i%$%s$r2~@5$7$F$$$^$9!#(B $B7P:Q;:6H>J(B $B7P:Q;:6HJ,Ln$N!V8D?M>pJsJ]8n%,%$%I%i%$%s(I#$B$r2~@5$7$^$7$?(B http://www.meti.go.jp/press/2014/12/20141212002/20141212002.html - $B9q:]E*$J%\%C%H%M%C%H$N%F%$%/%@%&%s:n@o3+;O(B $B%$%s%?!<%M%C%H%P%s%-%s%0$K78$o$kIT@5Aw6b;v0F$K;HMQ$5$l$F$$$k$H$_$i$l(B $B$k!V(BGame Over Zeus$B!W$,@$3&E*$KL"1d$7$F$$$k$3$H$r$&$1!"9q:]E*$J%\%C%H(B $B%M%C%H$N%F%$%/%@%&%s:n@o$r3+;O$7$^$7$?!#(B JPCERT/CC $B9q:]E*$J%\%C%H%M%C%H$N%F%$%/%@%&%s:n@o(B https://www.jpcert.or.jp/pr/2014/pr140002.html - $B%Q%9%o!<%I%j%9%H967b$K$h$kIT@5%m%0%$%sB?H/(B $BJ#?t$N%$%s%?!<%M%C%H%5!<%S%9$GF1$8%Q%9%o!<%I$r;H$$2s$7$F$$$k$3$H$,86(B $B0x$G@8$8$kIT@5$J%m%0%$%s!"$$$o$f$k%Q%9%o!<%I%j%9%H967b$K$h$kHo32$,B?(B $BH/$7$^$7$?!#(B JPCERT/CC STOP!! $B%Q%9%o!<%I;H$$2s$7(B!! $B%Q%9%o!<%I%j%9%H967b$K$h$kIT@5%m%0%$%sKI(B $B;_$K8~$1$?8F$S$+$1(B https://www.jpcert.or.jp/pr/2014/pr140004.html JPCERT/CC $B!V(BSTOP!$B%Q%9%o!<%I;H$$2s$7(B!$B!W%-%c%s%Z!<%s$K$4;?F1$$$?$@$1$k4k6H$NJg=8(B https://www.jpcert.or.jp/pr/2014/pr140005.html - $B%5%$%P!<%;%-%e%j%F%#4pK\K!$,@.N)(B 2014$BG/(B11$B7n(B6$BF|!"%5%$%P!<%;%-%e%j%F%#4pK\K!$,@.N)$7$^$7$?!#9q$N9T@/5!(B $B4XEy$K$*$1$k%5%$%P!<%;%-%e%j%F%#$N3NJ]!"650i$*$h$S3X=,$N?66=!&Ia5Z7<(B $BH/!"9q:]6(NO$N?d?J$J$I$N;\:v$,@9$j9~$^$l$F$$$^$9!#(B $B=05D1!(B $B%5%$%P!<%;%-%e%j%F%#4pK\K!0F(B http://www.shugiin.go.jp/internet/itdb_gian.nsf/html/gian/honbun/houan/g18601035.htm $BFb3U41K<>pJs%;%-%e%j%F%#%;%s%?!<(B $B%5%$%P!<%;%-%e%j%F%#4pK\K!0F$N35MW(B http://www.nisc.go.jp/conference/seisaku/dai40/pdf/40shiryou0102.pdf - $B%I%a%$%sL>%O%$%8%c%C%/H/@8(B $B9qFbAH?%$,;HMQ$7$F$$$k(B .com $B%I%a%$%sL>$NEPO?>pJs$,IT@5$K=q$-49$($i$l(B $B$k%I%a%$%sL>%O%$%8%c%C%/$N%$%s%7%G%s%H$,J#?tH/@8$7$^$7$?!#(B JPCERT/CC $BEPO?>pJs$NIT@5=q$-49$($K$h$k%I%a%$%sL>%O%$%8%c%C%/$K4X$9$kCm0U4-5/(B https://www.jpcert.or.jp/at/2014/at140044.html - $BF|K\H/$N%;%-%e%j%F%#9q:]2q5D(B CODE BLUE $B3+:E(B 2014$BG/(B2$B7n!"%;%-%e%j%F%#9q:]2q5D(B CODE BLUE $B$,3+:E$5$l$^$7$?!#$3$N2q5D(B $B$O!"9qFb$NM%$l$?%;%-%e%j%F%#8&5f$*$h$S@lLg2H$r3$30$KH/?.$9$k$3$H$rL\(B $BE*$N$R$H$D$K7G$2$F$*$j!"(B12$B7n$K$OBh(B2$B2s$,3+:E$5$l$^$7$?!#(B CODE BLUE $B@$3&%H%C%W%/%i%9$N@lLg2H$K$h$k>pJs%;%-%e%j%F%#9q:]2q5D!V(BCODE BLUE$B!J%3!<%I%V%k!uB#Dh(B JPCERT/CC $B$G$O!"%5%$%P!<%;%-%e%j%F%#%$%s%7%G%s%H$NHo32Dc8:$KBg$-$/9W(B $B8%$7$?J}$K46u@)EY!W$r!"(B2014$BG/(B4$B7n$K@)(B $BDj$7$^$7$?!#(B2014$BG/$O(B 2$BL>$NJ}$K46u$rB#Dh$5$;$F$$$?$@$-$^$7$?!#(B JPCERT/CC $B%5%$%P!<%;%-%e%j%F%#BP:v3hF0$X$N6(NOuB#Dh(B -$B!V(BJPCERT/CC $B46u@)EY!W$r@)Dj(B - https://www.jpcert.or.jp/press/priz/2014/PR20140703-priz.html - FIRST $BM};v$K(B JPCERT/CC $B>.5\;38y0lO/$,="G$(B $B9q:]E*$J(B CSIRT $B%U%)!<%i%`(B FIRST $B$NAm2q$,(B 2014$BG/(B6$B7n$K3+:E$5$l!"(B10$B?M$N(B $BM};v$N$&$AH>?t$,2~A*$5$l$^$7$?!#$3$NA*5s$G!"?7$?$JM};v$N0l?M$H$7$F!"(B JPCERT/CC $B$N>.5\;38y0lO/$,A*$P$l$^$7$?!#(B FIRST FIRST.Org, Inc., Board of Directors http://www.first.org/about/organization/directors $BK\G/$,3'MM$K$H$C$FNI$$G/$K$J$k$3$H$r!"JT=8C4Ev0lF15'$C$F$*$j$^$9!#K\G/$b(B Weekly Report $B$r$I$&$>$h$m$7$/$*4j$$$7$^$9!#(B $B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B $B"#(BJPCERT/CC $B$+$i$N$*4j$$(B $B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B $B!~K\%l%]!<%H$K4X$9$k$*Ld$$9g$o$;$O(B editor@jpcert.or.jp $B08$K$*4j$$CW$7$^(B $B$9!#$?$@$7!"(BJPCERT/CC $B$G$O!"Ds6!$9$k>pJs$K$D$$$F6qBNE*$JFbMF$=$N$b$N$K(B $B$D$$$F$N$4l9g$b$"$j$^$9!#$^$?%P%C%/%J%s%P!<$O!"(B $B0J2<$N(B URL $B$+$i$4MxMQ$$$?$@$1$^$9!#(B https://www.jpcert.or.jp/wr/ $B!~K\%a!<%j%s%0%j%9%H$N9XFI?=9~$d9XFIDd;_!"$^$?EPO?$7$?EE;R%a!<%k%"%I%l%9(B $B$NJQ99$J$I$K$D$-$^$7$F$O!"0J2<$N(B URL $B$r;2>H$7$F$/$@$5$$!#(B https://www.jpcert.or.jp/announce.html $B!~(BJPCERT/CC $B$X$N%;%-%e%j%F%#%$%s%7%G%s%H$NJs9pJ}K!$K$D$$$F$O0J2<$N(B URL $B$r;2>H$7$F$/$@$5$$!#(B https://www.jpcert.or.jp/form/ $B0J>e!#(B __________ 2015 (C) JPCERT/CC -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJUrLOPAAoJEDF9l6Rp7OBIFA8H/jtLu7zfZnr5DGfC+qQZleJv 4qTxEUdKQgnux32kQZKV6rdA6CDAjMa1FP9dIQRnt746BjPogjjxOo2gkxiXtYL7 K1GlDVQ+mQw2LYAgj93Az0gLQ9Z921Ugg7UhwAf+rPJSRJslh0d7FYqs2tLMrpTA vMP+fyNeWgeevpsFQRiIxfy2cKjn4jfqVxEwLC5Sf/CHcNWZlVnoujMtUZiy4+Qb vmRpmxOSODs/CklT6uud229oTfayIRjfrWdIE9g+SZCkJoqmUt74jjMuh89N/OhG ES9y8PXHInpkpXVb/88C0OvNpj4mLUCwZMlXbIBE2cD/vuu5y1hdjXVGeTCV550= =DY5i -----END PGP SIGNATURE-----