{"id":3474,"date":"2015-05-15T17:58:16","date_gmt":"2015-05-15T08:58:16","guid":{"rendered":"http:\/\/www.skyarch.net\/blog\/?p=3474"},"modified":"2015-05-18T17:22:54","modified_gmt":"2015-05-18T08:22:54","slug":"%e8%84%86%e5%bc%b1%e6%80%a7%e5%af%be%e5%bf%9c%e6%99%82%e3%81%ae%e7%a2%ba%e8%aa%8d%e6%96%b9%e6%b3%95%e3%81%ab%e3%81%a4%e3%81%84%e3%81%a6%e3%80%90amazon-linux%e3%80%81rhelcentos%e7%b7%a8%e3%80%91","status":"publish","type":"post","link":"https:\/\/www.skyarch.net\/blog\/%e8%84%86%e5%bc%b1%e6%80%a7%e5%af%be%e5%bf%9c%e6%99%82%e3%81%ae%e7%a2%ba%e8%aa%8d%e6%96%b9%e6%b3%95%e3%81%ab%e3%81%a4%e3%81%84%e3%81%a6%e3%80%90amazon-linux%e3%80%81rhelcentos%e7%b7%a8%e3%80%91\/","title":{"rendered":"\u8106\u5f31\u6027\u5bfe\u5fdc\u6642\u306e\u78ba\u8a8d\u65b9\u6cd5\u306b\u3064\u3044\u3066\u3010Amazon Linux\u3001RHEL\/CentOS\u7de8\u3011"},"content":{"rendered":"

\u3053\u3093\u3061\u306b\u306f\u3002irihara\u3067\u3059\u3002\u4e45\u3057\u3076\u308a\u306e\u6295\u7a3f\u306b\u306a\u308a\u307e\u3059\u3002
\n\u3053\u3053\u6700\u8fd1\u3001OpenSSL\u306a\u3069\u3067\u8106\u5f31\u6027\u304c\u6b21\u3005\u3068\u660e\u3089\u304b\u306b\u306a\u308a\u3001\u305d\u306e\u5ea6\u306b\u3001\u60c5\u5831\u53ce\u96c6\u306a\u3069\u306e\u5bfe\u5fdc\u306b\u8ffd\u308f\u308c\u3066\u3044\u308b
\n\u30b7\u30b9\u30c6\u30e0\u7ba1\u7406\u8005\u306e\u65b9\u3005\u3082\u591a\u3044\u306e\u3067\u306f\u306a\u3044\u3067\u3057\u3087\u3046\u304b\u3002<\/p>\n

http:\/\/www.itmedia.co.jp\/enterprise\/articles\/1412\/11\/news047.html\nhttp:\/\/japan.zdnet.com\/keyword\/POODLE%E8%84%86%E5%BC%B1%E6%80%A7%E5%95%8F%E9%A1%8C\/\n<\/pre>\n
\u8106\u5f31\u6027\u304c\u660e\u3089\u304b\u306b\u306a\u3063\u305f\u5834\u5408\u3001\u5404\u30d9\u30f3\u30c0\u30fc\u304b\u3089\u4fee\u6b63\u7248\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u3001\u305d\u308c\u3092\u7a3c\u50cd\u4e2d\u306e\u30b5\u30fc\u30d0\u306b
\n\u9069\u7528\u3059\u308b\u5fc5\u8981\u306b\u8feb\u3089\u308c\u308b\u30b1\u30fc\u30b9\u3082\u3042\u308b\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n
RHEL\u3084CentOS\u3001debian\u306a\u3069\u306eOS\u30d9\u30f3\u30c0\u30fc\u3067\u3082\u3001\u305d\u306e\u90fd\u5ea6\u5bfe\u5fdc\u7248\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u305f\u308a\u3001\u5bfe\u5fdc\u65b9\u6cd5\u306b\u3064\u3044\u3066
\n\u544a\u77e5\u3055\u308c\u307e\u3059\u3002<\/p>\n
\u25a1Redhat CVE\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\nhttps:\/\/access.redhat.com\/security\/cve\/\n\n\u25a1Debian \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u60c5\u5831\nhttps:\/\/www.debian.org\/security\/\n<\/pre>\n
RHEL\/CentOS\u306e\u5834\u5408\u3001\u5bfe\u5fdc\u7248\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u3066\u3044\u308b\u306e\u304b\u306b\u3064\u3044\u3066\u306e\u78ba\u8a8d\u65b9\u6cd5\u3068\u3057\u3066\u306f\u3001yum\u30b3\u30de\u30f3\u30c9\u306a\u3069\u3067\u78ba\u8a8d\u53ef\u80fd\u3067\u3059\u3002
\n\u4e0b\u8a18\u306e\u4f8b\u3067\u306f\u3001\u300cInstalled Packages\u300d\u304c\u73fe\u5728\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u30d1\u30c3\u30b1\u30fc\u30b8\u306b\u306a\u308a\u3001\u300cAvailable Packages\u300d\u306b
\n\u8868\u793a\u3055\u308c\u3066\u3044\u308b\u3082\u306e\u304c\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u53ef\u80fd\u306a\u30d1\u30c3\u30b1\u30fc\u30b8\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n
rpm\u30b3\u30de\u30f3\u30c9\u3067\u3082\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u30d1\u30c3\u30b1\u30fc\u30b8\u306f\u78ba\u8a8d\u3057\u3066\u4e0b\u3055\u3044\u3002<\/p>\n
[root@test1 ~]# rpm -qa | grep openssl\nopenssl098e-0.9.8e-18.2.14.amzn1.x86_64\nopenssl-1.0.1k-1.82.amzn1.x86_64\nopenssl-devel-1.0.1k-1.82.amzn1.x86_64\n<\/pre>\n
\u25c6yum\u3067\u306e\u78ba\u8a8d\u65b9\u6cd5<\/p>\n
[root@test1 ~]# yum info openssl\nLoaded plugins: priorities, update-motd, upgrade-helper\n1800 packages excluded due to repository priority protections\nInstalled Packages\nName        : openssl\nArch        : x86_64\nEpoch       : 1\nVersion     : 1.0.1k\nRelease     : 1.82.amzn1\nSize        : 3.6 M\nRepo        : installed\nFrom repo   : amzn-updates\nSummary     : Utilities from the general purpose cryptography library with TLS implementation\nURL         : http:\/\/www.openssl.org\/\nLicense     : OpenSSL\nDescription : The OpenSSL toolkit provides support for secure communications between\n            : machines. OpenSSL includes a certificate management tool and shared\n            : libraries which provide various cryptographic algorithms and\n            : protocols.\n\nAvailable Packages\nName        : openssl\nArch        : x86_64\nEpoch       : 1\nVersion     : 1.0.1k\nRelease     : 1.84.amzn1\nSize        : 1.6 M\nRepo        : amzn-updates\/latest\nSummary     : Utilities from the general purpose cryptography library with TLS implementation\nURL         : http:\/\/www.openssl.org\/\nLicense     : OpenSSL\nDescription : The OpenSSL toolkit provides support for secure communications between\n            : machines. OpenSSL includes a certificate management tool and shared\n            : libraries which provide various cryptographic algorithms and\n            : protocols.\n<\/pre>\n
\u78ba\u8a8d\u3057\u305f\u3068\u3053\u308d\u3001\u65b0\u3057\u3044\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u3066\u3044\u308b\u306e\u3067\u3001\u3053\u308c\u3092\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3057\u3066\u9069\u7528\u3059\u308c\u3070\u4e07\u4e8bOK\u306a\u306e\u3067\u3057\u3087\u3046\u304b\uff1f
\n\u305d\u306e\u524d\u306b\u78ba\u8a8d\u3059\u3079\u304d\u3053\u3068\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n
\u305d\u308c\u306f\u3001\u300c\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u7248\u3067\u672c\u5f53\u306b\u8106\u5f31\u6027\u306e\u4fee\u6b63\u304c\u3055\u308c\u3066\u3044\u308b\u306e\u304b\uff1f\u300d<\/strong>\u3067\u3059\u3002<\/p>\n
\u307e\u305f\u3001\u3044\u304d\u306a\u308a\u672c\u7a3c\u50cd\u3057\u3066\u3044\u308b\u30b7\u30b9\u30c6\u30e0\u306b\u9069\u7528\u3059\u308b\u306e\u306f\u3001\u30ea\u30b9\u30af\u304c\u4f34\u3044\u307e\u3059\u3002
\n\u305d\u306e\u524d\u306b\u3001\u4f55\u3092\u4fee\u6b63\u3055\u308c\u3066\u3044\u308b\u306e\u304b\u3001\u4e88\u3081\u78ba\u8a8d\u3057\u305f\u65b9\u304c\u826f\u3044\u3067\u3059\u3002
\n\u305d\u306e\u305f\u3081\u306b\u306f\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u4e88\u3081\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u305b\u305a\u306b\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3059\u308c\u3070\u3001\u78ba\u8a8d\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n
\u203byumdownloader\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3059\u308b\u305f\u3081\u306b\u306f\u3001\u4e88\u3081yum-utils\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u304a\u304f\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002
\n\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u4e0b\u3055\u3044\u3002<\/p>\n
[root@test1 ~]# yumdownloader openssl\nLoaded plugins: priorities, update-motd, upgrade-helper\n1800 packages excluded due to repository priority protections\n(1\/2): openssl-1.0.1k-1.84.amzn1.i686.rpm                                                                                                      | 1.5 MB     00:00\n(2\/2): openssl-1.0.1k-1.84.amzn1.x86_64.rpm\n<\/pre>\n
\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3067\u304d\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n
[root@test1 ~]# ls -l | grep openssl\n-rw-r--r-- 1 root root 1582100 May  8 02:52 openssl-1.0.1k-1.84.amzn1.i686.rpm\n-rw-r--r-- 1 root root 1667247 May  8 02:52 openssl-1.0.1k-1.84.amzn1.x86_64.rpm\n<\/pre>\n
\u4ee5\u4e0b\u306e\u65b9\u6cd5\u3067\u3001\u3053\u306e\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u305f\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u3001\u672c\u5f53\u306b\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u308b\u306e\u304b\u3001
\n\u4eca\u307e\u3067\u306b\u5bfe\u5fdc\u3057\u305f\u4fee\u6b63\u5c65\u6b74\u304c\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002<\/p>\n
[root@test1 ~]# rpm -qp --changelog openssl-1.0.1k-1.84.amzn1.x86_64.rpm | grep CVE\n- add patch for CVE-2014-3566 (Padding Oracle On Downgraded Legacy Encryption attack)\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n- pull in upstream patch for CVE-2014-0160\n- add fixes from upstream 1.0.1f\/g releases (CVE-2014-0160, fixes for CVE-2013-0169)\n- Add patches to fix CVE-2013-6449, CVE-2013-6450, and CVE-2013-4353\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n- port patch for CVE-2013-0169 against 1.0.0j\n- fix for CVE-2013-0169 - SSL\/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n  environment variable is set (fixes CVE-2012-4929 #857051)\n<\/pre>\n
\uff5e\u3000\u9577\u3044\u306e\u3067\u4ee5\u4e0b\u7701\u7565\u3057\u307e\u3059\u3002\u3000\uff5e<\/p>\n
\u4e00\u756a\u6700\u65b0\u306e\u300cCVE-2014-3566\u300d\u306b\u3064\u3044\u3066\u78ba\u8a8d\u3057\u305f\u3068\u3053\u308d\u3001POODLE\u3068\u3044\u3046\u8106\u5f31\u6027\u306e\u4ef6\u3060\u3068\u3044\u3046\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002<\/p>\n
\u25a1IPA\u60c5\u5831\u51e6\u7406\u63a8\u9032\u6a5f\u69cb\u3000\u66f4\u65b0\uff1aSSL 3.0 \u306e\u8106\u5f31\u6027\u5bfe\u7b56\u306b\u3064\u3044\u3066(CVE-2014-3566)\nhttp:\/\/www.ipa.go.jp\/security\/announce\/20141017-ssl.html\n<\/pre>\n
\u307e\u305f\u3001Amazon\u306eAWS\u3067\u306f\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u5bfe\u7b56\u306b\u3064\u3044\u3066\u544a\u77e5\u3057\u3066\u3044\u307e\u3057\u305f\u3002
\n\uff08\u3061\u306a\u307f\u306b\u3001\u4eca\u56de\u306fAmazon Linux\u3067\u78ba\u8a8d\u3092\u884c\u3044\u307e\u3057\u305f\u3002\uff09<\/p>\n
\u25a1CVE-2014-3566 Advisory\nhttp:\/\/aws.amazon.com\/jp\/security\/security-bulletins\/CVE-2014-3566-advisory\/\nhttps:\/\/alas.aws.amazon.com\/ALAS-2014-426.html\n<\/pre>\n
\u305d\u306e\u4ed6\u3001RedHat\u3067\u306f\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u60c5\u5831\u3092\u544a\u77e5\u3057\u3066\u3044\u307e\u3057\u305f\u3002<\/p>\n
\u25a1POODLE: SSLv3.0 \u8106\u5f31\u6027 (CVE-2014-3566)\nhttps:\/\/access.redhat.com\/ja\/node\/1232403\nhttps:\/\/access.redhat.com\/security\/cve\/CVE-2014-3566\n<\/pre>\n
\u73fe\u5728\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308bOpenSSL\u306e\u5185\u5bb9\u306b\u3064\u3044\u3066\u3082\u78ba\u8a8d\u3092\u884c\u3044\u307e\u3059\u3002
\n\u5dee\u5206\u6bd4\u8f03\u30bd\u30d5\u30c8\u3092\u4f7f\u7528\u3059\u308c\u3070\u3001\u7c21\u5358\u306b\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002
\n\uff08\u73fe\u5728\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u306f\u65e2\u306b\u3001CVE-2014-3566\u306e\u4fee\u6b63\u306f\u3055\u308c\u3066\u3044\u308b\u3088\u3046\u3067\u3059\u3002\uff09<\/p>\n
[root@test1 ~]# rpm -q openssl --changelog | grep CVE\n- add patch for CVE-2014-3566 (Padding Oracle On Downgraded Legacy Encryption attack)\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n- pull in upstream patch for CVE-2014-0160\n- add fixes from upstream 1.0.1f\/g releases (CVE-2014-0160, fixes for CVE-2013-0169)\n- Add patches to fix CVE-2013-6449, CVE-2013-6450, and CVE-2013-4353\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n- port patch for CVE-2013-0169 against 1.0.0j\n- fix for CVE-2013-0169 - SSL\/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n  environment variable is set (fixes CVE-2012-4929 #857051)\n<\/pre>\n
\uff5e\u3000\u9577\u3044\u306e\u3067\u4ee5\u4e0b\u7701\u7565\u3057\u307e\u3059\u3002\u3000\uff5e<\/p>\n
\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u304c\u5fc5\u8981\u306a\u5834\u5408\u306f\u3001yum update openssl\u306a\u3069\u3068\u5b9f\u884c\u3059\u308c\u3070\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3055\u308c\u307e\u3059\u3002<\/p>\n
\u3053\u3053\u307e\u3067\u306f\u3001\u3054\u304f\u7c21\u5358\u306a\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u65b9\u6cd5\u306b\u3064\u3044\u3066\u7d39\u4ecb\u3055\u305b\u3066\u9802\u304d\u307e\u3057\u305f\u304c\u3001
\n\u4fee\u6b63\u7248\u306e\u5185\u5bb9\u306b\u3088\u3063\u3066\u306f\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3059\u308b\u3060\u3051\u3067\u306f\u306a\u304f\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u5074\u3067\u306e\u518d\u8a2d\u5b9a\u30fb\u4fee\u6b63\u4f5c\u696d\u3084\u30b5\u30fc\u30d0\u306e
\n\u518d\u8d77\u52d5\u306a\u3069\u304c\u5fc5\u8981\u306b\u306a\u308b\u30b1\u30fc\u30b9\u3082\u591a\u3005\u3042\u308a\u307e\u3059\u3002
\n\uff08\u4eca\u56de\u306eOpenSSL\u306e\u8106\u5f31\u6027\u306e\u5834\u5408\u3001\u4f7f\u7528\u3057\u3066\u3044\u308b\u30b5\u30fc\u30d0\u5074\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3084\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3067\u306e\u4fee\u6b63\u4f5c\u696d\u304c\u5fc5\u8981\u306b\u306a\u308a\u307e\u3059\u3002\uff09<\/p>\n
\u307e\u305f\u3001\u6ce8\u610f\u70b9\u3068\u3057\u3066\u306f\u3001\u53e4\u3044OS\u306e\u5834\u5408\u3001\u4e0a\u8a18\u306e\u3088\u3046\u306a\u65b9\u6cd5\u3067\u78ba\u8a8d\u3059\u308b\u3068\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u7248\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u3066\u3044\u3066\u3082\u3001
\n\u3088\u304f\u3088\u304f\u78ba\u8a8d\u3057\u3066\u307f\u308b\u3068\u3001\u5bfe\u8c61\u306eCVE\u304c\u542b\u307e\u308c\u3066\u3044\u306a\u3044\u30b1\u30fc\u30b9\u304c\u3042\u308a\u307e\u3059\u3002
\n\u305d\u306e\u5834\u5408\u306f\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u30b5\u30a4\u30c8\u304b\u3089\u30bd\u30fc\u30b9\u30d5\u30a1\u30a4\u30eb\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u518d\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3092\u884c\u3046\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002
\n\uff08\u5b9f\u969b\u306b\u3069\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u304c\u3001\u3069\u3046\u4fee\u6b63\u3055\u308c\u3066\u3044\u308b\u306e\u304b\u306b\u3064\u3044\u3066\u306f\u3001\u30b5\u30a4\u30c8\u3067\u78ba\u8a8d\u3057\u3066\u4e0b\u3055\u3044\u3002\uff09<\/p>\n
\u25a1OpenSSL\nhttps:\/\/www.openssl.org\/\n<\/pre>\n
\u305d\u306e\u4ed6\u3001\u5b9f\u969b\u306b\u4f5c\u696d\u3092\u884c\u3046\u524d\u306b\u3001AWS\u306e\u3088\u3046\u306a\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u306a\u3089\u3070\u3001\u4e88\u3081\u691c\u8a3c\u74b0\u5883\u3092\u69cb\u7bc9\u3057\u3066\u3001
\n\u52d5\u4f5c\u78ba\u8a8d\u306a\u3069\u3082\u884c\u3046\u4e8b\u3082\u975e\u5e38\u306b\u5bb9\u6613\u3067\u3059\u3057\u3001\u5b9f\u74b0\u5883\u30b5\u30fc\u30d0\u306e\u30b9\u30ca\u30c3\u30d7\u30b7\u30e7\u30c3\u30c8\u306a\u3069\u3092\u53d6\u5f97\u3057\u3066\u304a\u3051\u3070\u3001
\n\u6709\u4e8b\u306e\u969b\u306b\u5207\u308a\u623b\u3059\u3053\u3068\u3082\u53ef\u80fd\u3067\u3059\u306e\u3067\u3001\u7686\u3055\u3093\u3082\u3053\u308c\u3092\u6a5f\u4f1a\u306b\u662f\u975e\u304a\u8a66\u3057\u4e0b\u3055\u3044\u3002<\/p>\n
\u203b\u3061\u306a\u307f\u306b\u3001CVE\u3068\u306f\u3001\u69d8\u3005\u306a\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306e\u4fdd\u5b89\u4e0a\u306e\u5f31\u70b9(\u8106\u5f31\u6027)\u306b\u3064\u3044\u3066\u306e\u60c5\u5831\u3092\u53ce\u96c6\u30fb\u516c\u958b\u3057\u3066\u3044\u308b\u3001\u4e16\u754c\u7684\u306b
\n\u8457\u540d\u306a\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306e\u4e00\u3064\u3060\u305d\u3046\u3067\u3059\u3002<\/p>\n
http:\/\/e-words.jp\/w\/CVE.html\nhttp:\/\/www.ipa.go.jp\/security\/vuln\/CVE.html\n<\/pre>\n
\u4ee5\u4e0a<\/p>\n","protected":false},"excerpt":{"rendered":"
\u3053\u3093\u3061\u306b\u306f\u3002irihara\u3067\u3059\u3002\u4e45\u3057\u3076\u308a\u306e\u6295\u7a3f\u306b\u306a\u308a\u307e\u3059\u3002 \u3053\u3053\u6700\u8fd1\u3001OpenSSL\u306a\u3069\u3067\u8106\u5f31\u6027\u304c\u6b21\u3005\u3068\u660e\u3089\u304b\u306b\u306a\u308a\u3001\u305d\u306e\u5ea6\u306b\u3001\u60c5\u5831\u53ce\u96c6\u306a\u3069\u306e\u5bfe\u5fdc\u306b\u8ffd\u308f\u308c\u3066\u3044\u308b \u30b7\u30b9\u30c6\u30e0\u7ba1\u7406\u8005\u306e\u65b9\u3005\u3082\u591a\u3044\u306e\u3067\u306f\u306a\u3044\u3067\u3057\u3087\u3046\u304b\u3002 http…<\/p>\n","protected":false},"author":1,"featured_media":442,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_locale":"ja","_original_post":"3474","footnotes":""},"categories":[7,72],"tags":[],"class_list":{"0":"post-3474","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"category-vulnerable","9":"ja"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts\/3474","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/comments?post=3474"}],"version-history":[{"count":9,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts\/3474\/revisions"}],"predecessor-version":[{"id":3487,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts\/3474\/revisions\/3487"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/media\/442"}],"wp:attachment":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/media?parent=3474"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/categories?post=3474"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/tags?post=3474"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}