-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


                                                         JPCERT-WR-2020-2001
                                                                   JPCERT/CC
                                                                  2020-05-27

            <<< JPCERT/CC WEEKLY REPORT 2020-05-27 >>>

$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(B05/17($BF|(B)$B!A(B05/23($BEZ(B) $B$N%;%-%e%j%F%#4XO">pJs(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

== $BL\(B  $B<!(B ==================================================================

$B!Z(B1$B![(BISC BIND 9 $B$KJ#?t$N@H<e@-(B
$B!Z(B2$B![(BWindows DNS Server $B$K%5!<%S%91?MQK832(B (DoS) $B$N@H<e@-(B
$B!Z(B3$B![(BGoogle Chrome $B$KJ#?t$N@H<e@-(B
$B!Z(B4$B![(BvCloud Director $B$K%3!<%I%$%s%8%'%/%7%g%s$N@H<e@-(B
$B!Z(B5$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B
$B!Z(B6$B![(BApache Tomcat $B$K0BA4$G$J$$%G%7%j%"%i%$%<!<%7%g%s$NLdBj(B
$B!Z(B7$B![(BApple Xcode $B$K$*$1$k@H<e@-$KBP$9$k%"%C%W%G!<%H(B
$B!Z(B8$B![J#?t$N(B Cisco $B@=IJ$K@H<e@-(B
$B!Z(B9$B![(BDrupal $B$KJ#?t$N@H<e@-(B
$B!Z(B10$B![(BWordPress $BMQ%W%i%0%$%s(B Paid Memberships Pro $B$K(B SQL $B%$%s%8%'%/%7%g%s$N@H<e@-(B
$B!Z:#=5$N$R$H$/$A%a%b![F|K\%7!<%5!<%H6(5D2q$,!V%7!<%5!<%H%o!<%/%7%g%C%W(B $B!A2CLA4uK>AH?%8~$1@bL@2q!A!J%*%s%i%$%s!K(B2020 $BG/(B 4 $B7n3+:EJs9p!W$r8x3+(B

  $B"(>R2p$9$k%;%-%e%j%F%#4XO">pJs$NA*Dj4p=`$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/

  $B"((BHTML $BHG$*$h$S(B XML $BHG$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/2020/wr202001.html
        https://www.jpcert.or.jp/wr/2020/wr202001.xml
============================================================================


$B!Z(B1$B![(BISC BIND 9 $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      ISC Releases Security Advisory for BIND
      https://www.us-cert.gov/ncas/current-activity/2020/05/20/isc-releases-security-advisory-bind

    $B35MW(B
      ISC BIND 9 $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,%5!<(B
      $B%S%91?MQK832(B (DoS) $B967b$r9T$&2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - BIND 9.16 $B7O(B 9.16.0 $B$+$i(B 9.16.2 $B$^$G(B
      - BIND 9.14 $B7O(B 9.14.0 $B$+$i(B 9.14.11 $B$^$G(B
      - BIND 9.11 $B7O(B 9.11.0 $B$+$i(B 9.11.18 $B$^$G(B
      - BIND Supported Preview Edition 9.9.3-S1 $B$+$i(B 9.11.18-S1 $B$^$G(B

      $B$J$*!"4{$K%5%]!<%H$,=*N;$7$F$$$k(B BIND 9.10 $B7O0JA0$d(B 9.12 $B7O!"(B9.13 $B7O!"(B
      9.15 $B7O$*$h$S3+H/HG$N(B 9.17 $B7O$K$D$$$F$bK\@H<e@-$N1F6A$r<u$1$^$9!#(B

      $B$3$NLdBj$O!"(BISC BIND $B$r(B ISC $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k$3(B
      $B$H$G2r7h$7$^$9!#>\:Y$O!"(BISC $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      JPCERT/CC $BCm0U4-5/(B
      ISC BIND 9 $B$N@H<e@-(B (CVE-2020-8616, CVE-2020-8617) $B$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2020/at200023.html

      $B3t<02q<RF|K\%l%8%9%H%j%5!<%S%9(B (JPRS)
      $B!J6[5^!K(BBIND 9.x$B$N@H<e@-!J%Q%U%)!<%^%s%9$NDc2<!&%j%U%l%/%7%g%s967b$NF'$_Bf2=!K$K$D$$$F!J(BCVE-2020-8616$B!K(B - $B%P!<%8%g%s%"%C%W$r6/$/?d>)(B -
      https://jprs.jp/tech/security/2020-05-20-bind9-vuln-processing-referrals.html

      $B3t<02q<RF|K\%l%8%9%H%j%5!<%S%9(B (JPRS)
      $B!J6[5^!K(BBIND 9.x$B$N@H<e@-!J(BDNS$B%5!<%S%9$NDd;_!&0[>o$JF0:n!K$K$D$$$F!J(BCVE-2020-8617$B!K(B - $B%U%k%j%>%k%P!<!J%-%c%C%7%e(BDNS$B%5!<%P!<!K!?8"0R(BDNS$B%5!<%P!<$NAPJ}$,BP>]!"%P!<%8%g%s%"%C%W$r6/$/?d>)(B -
      https://jprs.jp/tech/security/2020-05-20-bind9-vuln-tsig.html

      Japan Vulnerability Notes JVNVU#92065932
      ISC BIND 9 $B$KJ#?t$N@H<e@-(B
      https://jvn.jp/vu/JVNVU92065932

    $B4XO"J8=q(B ($B1Q8l(B)
      Tel Aviv University
      NXNSAttack
      http://www.nxnsattack.com/

      ISC Knowledge Base
      CVE-2020-8616: BIND does not sufficiently limit the number of fetches performed when processing referrals
      https://kb.isc.org/docs/cve-2020-8616

      ISC Knowledge Base
      CVE-2020-8617: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
      https://kb.isc.org/docs/cve-2020-8617

$B!Z(B2$B![(BWindows DNS Server $B$K%5!<%S%91?MQK832(B (DoS) $B$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Microsoft Releases Security Advisory for Windows DNS Servers
      https://www.us-cert.gov/ncas/current-activity/2020/05/20/microsoft-releases-security-advisory-windows-dns-servers

    $B35MW(B
      Windows DNS Server $B$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,(B
      $B%5!<%S%91?MQK832(B (DoS) $B967b$r9T$&2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Windows DNS Server $B$9$Y$F$N%P!<%8%g%s(B

      $B$3$NLdBj$K$D$$$F!"(BMicrosoft $B$K$h$k$H!"(BWindows DNS Server $B$G(B Response
      Rate Limiting (RRL) $B$rM-8z$K$9$k$3$H$G!"@H<e@-$N1F6A$r7Z8:$9$k$3$H$,$G(B
      $B$-$k$H$N$3$H$G$9!#>\:Y$O!"(BMicrosoft $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B%^%$%/%m%=%U%H3t<02q<R(B
      ADV200009 | Windows DNS Server Denial of Service Vulnerability
      https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/ADV200009

$B!Z(B3$B![(BGoogle Chrome $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Google Releases Security Updates for Chrome
      https://www.us-cert.gov/ncas/current-activity/2020/05/20/google-releases-security-updates-chrome

    $B35MW(B
      Google Chrome $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Google Chrome 83.0.4103.61 $B$h$jA0$N%P!<%8%g%s(B

      $B$3$NLdBj$O!"(BGoogle Chrome $B$r(B Google $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99(B
      $B?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BGoogle $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5(B
      $B$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Google
      Stable Channel Update for Desktop
      https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html

$B!Z(B4$B![(BvCloud Director $B$K%3!<%I%$%s%8%'%/%7%g%s$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      VMware Releases Security Update for Cloud Director
      https://www.us-cert.gov/ncas/current-activity/2020/05/20/vmware-releases-security-update-cloud-director

    $B35MW(B
      vCloud Director $B$K$O!"%3!<%I%$%s%8%'%/%7%g%s$N@H<e@-$,$"$j$^$9!#7k2L$H(B
      $B$7$F!"1s3V$NBh;0<T$,G$0U$N%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - vCloud Director 10.0 $B7O(B (Linux,PhotonOS)
      - vCloud Director 9.7 $B7O(B (Linux,PhotonOS)
      - vCloud Director 9.5 $B7O(B (Linux,PhotonOS)
      - vCloud Director 9.1 $B7O(B (Linux)

      $B$3$NLdBj$O!"(BvCloud Director (10.1.0 $B0J9_$N%P!<%8%g%s$G$O(B VMware Cloud
      Director $B$K2~>N(B) $B$K(B VMware $B$,Ds6!$9$k%Q%C%A$rE,MQ$7$?$j!"2sHr:v$rE,MQ(B
      $B$7$?$j$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BVMware $B$,Ds6!$9$k>pJs$r;2>H$7$F$/(B
      $B$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      VMware Security Advisories
      VMSA-2020-0010
      https://www.vmware.com/security/advisories/VMSA-2020-0010.html

$B!Z(B5$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Adobe Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2020/05/20/adobe-releases-security-updates

      JPCERT/CC CyberNewsFlash
      $BJ#?t$N(B Adobe $B@=IJ$N%"%C%W%G!<%H$K$D$$$F(B
      https://www.jpcert.or.jp/newsflash/2020052101.html

    $B35MW(B
      $BJ#?t$N(B Adobe $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,G$(B
      $B0U$N%3!<%I$r<B9T$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Adobe Character Animator 2020 3.2 $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Premiere Pro 14.1 $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Audition 13.0.5 $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Premiere Rush 1.5.8 $B$*$h$S$=$l0JA0(B (Windows)

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Adobe $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BAdobe $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Adobe
      Adobe Character Animator $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB20-25
      https://helpx.adobe.com/jp/security/products/character_animator/apsb20-25.html

      Adobe
      Adobe Premiere Pro $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB20-27
      https://helpx.adobe.com/jp/security/products/premiere_pro/apsb20-27.html

      Adobe
      Adobe Audition $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB20-28
      https://helpx.adobe.com/jp/security/products/audition/apsb20-28.html

      Adobe
      Adobe Premiere Rush $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB20-29
      https://helpx.adobe.com/jp/security/products/premiere_rush/apsb20-29.html

$B!Z(B6$B![(BApache Tomcat $B$K0BA4$G$J$$%G%7%j%"%i%$%<!<%7%g%s$NLdBj(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#98086086
      Apache Tomcat $B$K0BA4$G$J$$%G%7%j%"%i%$%<!<%7%g%s$NLdBj(B
      https://jvn.jp/vu/JVNVU98086086/

    $B35MW(B
      Apache Software Foundation $B$,Ds6!$9$k(B Apache Tomcat $B$K$O!"%G%7%j%"%i%$%:(B
      $BBP>]%G!<%?$N8!>Z$,E,@Z$K9T$o$l$F$$$J$$@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s(B
      $B3V$NBh;0<T$,!"%5!<%P>e$K4IM}2DG=$J%U%!%$%k$rG[CV$9$k$3$H$,$G$-$k>l9g$J(B
      $B$I$K!"G$0U$N%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Apache Tomcat 10.0.0-M1 $B$+$i(B 10.0.0-M4
      - Apache Tomcat 9.0.0.M1 $B$+$i(B 9.0.34
      - Apache Tomcat 8.5.0 $B$+$i(B 8.5.54
      - Apache Tomcat 7.0.0 $B$+$i(B 7.0.103

      $B$3$NLdBj$O!"(BApache Tomcat $B$r(B Apache Software Foundation $B$,Ds6!$9$k=$@5(B
      $B:Q$_$N%P!<%8%g%s$K99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O(B Apache Software
      Foundation $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      JPCERT/CC $BCm0U4-5/(B
      Apache Tomcat $B$N@H<e@-(B (CVE-2020-9484) $B$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2020/at200024.html

    $B4XO"J8=q(B ($B1Q8l(B)
      Apache Software Foundation
      CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence
      https://lists.apache.org/thread.html/r77eae567ed829da9012cadb29af17f2df8fa23bf66faf88229857bb1%40%3Cannounce.tomcat.apache.org%3E

$B!Z(B7$B![(BApple Xcode $B$K$*$1$k@H<e@-$KBP$9$k%"%C%W%G!<%H(B

    $B>pJs8;(B
      US-CERT Current Activity
      Apple Releases Security Update for Xcode
      https://www.us-cert.gov/ncas/current-activity/2020/05/21/apple-releases-security-update-xcode

      Japan Vulnerability Notes JVNVU#94926165
      Apple Xcode $B$K$*$1$k@H<e@-$KBP$9$k%"%C%W%G!<%H(B
      https://jvn.jp/vu/JVNVU94926165/

    $B35MW(B
      Apple Xcode $B$K$O!"(BXcode $B$KFbJq$5$l$?(B git $B$,;HMQ$7$F$$$k(B credential
      helper $B%W%m%0%i%`$N@H<e@-$K5/0x$9$kLdBj$,$"$j$^$9!#7k2L$H$7$F!"1s3V$N(B
      $BBh;0<T$,!"FCJL$K:Y9)$7$?(B URL $B$r;XDj$9$k$3$H$G!"(Bgit $B$NG'>Z>pJs$r@`<h$9(B
      $B$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Xcode 11.5 $B$h$jA0$N%P!<%8%g%s(B

      $B$3$NLdBj$O!"(BXcode $B$r(B Apple $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k$3(B
      $B$H$G2r7h$7$^$9!#>\:Y$O!"(BApple $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Apple
      About the security content of Xcode 11.5
      https://support.apple.com/en-us/HT211183

$B!Z(B8$B![J#?t$N(B Cisco $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Cisco Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2020/05/22/cisco-releases-security-updates

    $B35MW(B
      $BJ#?t$N(B Cisco $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"G'>Z$5$l$F$$$J$$(B
      $BBh;0<T$,G$0U$N%3!<%I$r<B9T$7$?$j!"%5!<%S%91?MQK832(B (DoS) $B967b$7$?$j$9(B
      $B$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Cisco Unified Contact Center Express 12.0(1)ES03 $B$h$jA0$N%P!<%8%g%s(B
      - Cisco Prime Network Registrar 10.1.0.1 $B$h$jA0$N%P!<%8%g%s(B
      - Cisco Prime Network Registrar 10.0 $B7O(B $B$9$Y$F$N%P!<%8%g%s(B
      - Cisco Prime Network Registrar 9.1.3 $B$h$jA0$N%P!<%8%g%s(B
      - Cisco Prime Network Registrar 9.0 $B7O(B $B$9$Y$F$N%P!<%8%g%s(B
      - Cisco Prime Network Registrar 8.3.7.1 $B$h$jA0$N(B 8.3 $B7O%P!<%8%g%s(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Cisco $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BCisco $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Cisco
      Cisco Unified Contact Center Express Remote Code Execution Vulnerability
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-rce-GMSC6RKN

      Cisco
      Cisco Prime Network Registrar DHCP Denial of Service Vulnerability
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpnr-dhcp-dos-BkEZfhLP

$B!Z(B9$B![(BDrupal $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Drupal Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2020/05/21/drupal-releases-security-updates

    $B35MW(B
      Drupal $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,!"%f!<(B
      $B%6$N%V%i%&%6>e$GG$0U$N%3!<%I$r<B9T$7$?$j!"G$0U$N(B URL $B$K%j%@%$%l%/%H$7(B
      $B$?$j$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Drupal 8.8.6 $B$h$jA0$N%P!<%8%g%s(B
      - Drupal 8.7.14 $B$h$jA0$N%P!<%8%g%s(B
      - Drupal 7.70 $B$h$jA0$N%P!<%8%g%s(B

      $B$J$*!"(BDrupal $B$K$h$k$H(B Drupal 8.7 $B7O$h$jA0$N(B 8 $B7O$N%P!<%8%g%s$O!"%5%]!<(B
      $B%H$,=*N;$7$F$$$k$?$a!"(BDrupal 8.7.14 $B$K99?7$9$k$3$H$r?d>)$7$F$$$^$9!#(B

      $B$3$NLdBj$O!"(BDrupal $B$r(B Drupal $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k(B
      $B$3$H$G2r7h$7$^$9!#>\:Y$O!"(BDrupal $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Drupal
      Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002
      https://www.drupal.org/sa-core-2020-002

      Drupal
      Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003
      https://www.drupal.org/sa-core-2020-003

$B!Z(B10$B![(BWordPress $BMQ%W%i%0%$%s(B Paid Memberships Pro $B$K(B SQL $B%$%s%8%'%/%7%g%s$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#20248858
      WordPress $BMQ%W%i%0%$%s(B Paid Memberships Pro $B$K$*$1$k(B SQL $B%$%s%8%'%/%7%g%s$N@H<e@-(B
      https://jvn.jp/jp/JVN20248858

    $B35MW(B
      WordPress $BMQ%W%i%0%$%s(B Paid Memberships Pro $B$K$O!"(BSQL $B%$%s%8%'%/%7%g%s(B
      $B$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"K\@=IJ$N4IM}2hLL$K%"%/%;%92DG=$JBh;0<T(B
      $B$,!"%G!<%?%Y!<%9Fb$N>pJs$r@`<h$7$?$j!"2~$6$s$7$?$j$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Paid Memberships Pro version 2.3.3 $B$h$jA0$N%P!<%8%g%s(B

      $B$3$NLdBj$O!"(BPaid Memberships Pro $B$r3+H/<T$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s(B
      $B$K99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"3+H/<T$,Ds6!$9$k>pJs$r;2>H$7$F$@$5(B
      $B$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      PaidMembershipsPro
      PMPro Update 2.3.3 - Security Release
      https://www.paidmembershipspro.com/pmpro-update-2-3-3-security-release/


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#:#=5$N$R$H$/$A%a%b(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!{F|K\%7!<%5!<%H6(5D2q$,!V%7!<%5!<%H%o!<%/%7%g%C%W(B $B!A2CLA4uK>AH?%8~$1@bL@2q!A!J%*%s%i%$%s!K(B2020 $BG/(B 4 $B7n3+:EJs9p!W$r8x3+(B

      2020$BG/(B5$B7n(B19$BF|!"F|K\%7!<%5!<%H6(5D2q$O!"(B2020$BG/(B4$B7n(B22$BF|$K3+:E$5$l$?!V%7!<(B
      $B%5!<%H%o!<%/%7%g%C%W(B $B!A2CLA4uK>AH?%8~$1@bL@2q!A(B $B!W$NJs9p$r8x3+$7$^$7$?!#(B
      $B:#2s$O!"=i$a$F$N40A4$J%*%s%i%$%s3+:E$H$J$j!"2CLA4uK>$N%*%V%6!<%P!<AH?%(B
      $B$NJ}$rBP>]$K!"F|K\%7!<%5!<%H6(5D2q$dCO6h3hF00Q0w2q$N3hF0>R2p$,9T$o$l$^(B
      $B$7$?!#:#8e$b%*%s%i%$%s3+:E$rB%?J$7$F$$$/$H$N$3$H$G$9!#(B

    $B;29MJ88%(B ($BF|K\8l(B)
      $BF|K\%7!<%5!<%H6(5D2q(B
      $B%7!<%5!<%H%o!<%/%7%g%C%W(B $B!A2CLA4uK>AH?%8~$1@bL@2q!A!J%*%s%i%$%s!K(B2020 $BG/(B 4 $B7n3+:EJs9p(B
      https://www.nca.gr.jp/2020/ws-online/


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(BJPCERT/CC $B$+$i$N$*4j$$(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!~K\%l%]!<%H$K4X$9$k$*Ld$$9g$o$;$O(B ew-info@jpcert.or.jp $B08$K$*4j$$CW$7$^(B
  $B$9!#$?$@$7!"(BJPCERT/CC $B$G$O!"Ds6!$9$k>pJs$K$D$$$F6qBNE*$JFbMF$=$N$b$N$K(B
  $B$D$$$F$N$4<ALd$K$O$*Ez$($G$-$J$$>l9g$b$"$j$^$9!#$^$?%P%C%/%J%s%P!<$O!"(B
  $B0J2<$N(B URL $B$+$i$4MxMQ$$$?$@$1$^$9!#(B

        https://www.jpcert.or.jp/wr/

$B!~K\%a!<%j%s%0%j%9%H$N9XFI?=9~$d9XFIDd;_!"$^$?EPO?$7$?EE;R%a!<%k%"%I%l%9(B
  $B$NJQ99$J$I$K$D$-$^$7$F$O!"0J2<$N(B URL $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/announce.html

$B!~(BJPCERT/CC $B$X$N%;%-%e%j%F%#%$%s%7%G%s%H$NJs9pJ}K!$K$D$$$F$O0J2<$N(B URL
  $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/form/

$B0J>e!#(B
__________

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJezaxnAAoJEKntH+qu5CT/pF0P/22FipGzghg/siKUBTElKgaD
DepfHPZbexX1UC+Fz3AUkejly1tGSRRRWqR/eNuoqNbGb3/YC/LopUy0C0eAlRl1
fLVeQlhmw9Uxn0xH2/X8Xdw8/y7BFM/CkoDWsv0jocj8M6zWEpSHjIDS0FhkGvEN
n/wB2sPDVcNzT3DwNpIQZHWurDk9sQUVRp6/hpOFo1La8l46Kb2mXMm9c07u4Cpp
Od78mw+UPJCy4v1QTw1ANrdS13mAUSRDZuNWu/ogUb4aks4PmTTzksQ4X6YQf4WN
If/g7Zhm3osrMDyP4HMBUX/01RjZnrg9hN8xidaDGhTqKHDdwdsxVi3tMMJzcdn8
NsKLMfevBSJR4xhvgnLm60PvuJlHRbxoLuBlfEJzE/MT0q7KTP7EyBIL1DwvW1Nk
uk4fCC2ltd7rD+LZUNTlfrIu4f9uIF69yU4atfeYQxiMkXVWVgxZI+SYZtpuh/Oq
5oeZ4kia3VtO5okByrWNjsbv8DvEIxG8BBbPLVv9Knfvq/uJCjBHac/KsrM5zsHq
pZsvDtvPZ2aJbMLTjJPxq0QGE7Ro121c2CgKeK4X+LxgJ1T6JXBOE17XRNSlW7bD
cdbj0r4TZ2rzkOKZ+layhOmvT8TjX6bHo6VGE7xxi7Dz63ij9qYtaDtT8W04tOCq
FcT6TzxQf2mY9cFiClMe
=ejI+
-----END PGP SIGNATURE-----