Developed WordPress Plugins Updated.

2015/03/04

The following 4 plugins were updated in WordPress Repository (wordpress.org). The aims of the update is tested up WordPress 4.1.1. WP Add Mime Types (1.3.3) View-Shortcodes (1.4) WP Hidden Password Protected Pages (1.0.1) WP DS FAQ Plus (1.2.3) About the detail information of the plugins, please see . The source codes are opened to the GitHUB. 4th March, 2015 Chief of Information Processing Office: Kitani.

Announcement of Power distribution work for improving the wireless access points in Inamori Center.

2015/02/18

Dear CSEAS, ASAFAS, CIAS members. I apologize for my announcement delay. Now, the power distribution work for improving the wireless access points in Inamori Center is being done at the following rooms. By this work, A noise may reach to your office. Please cooperate us for improving Wi-Fi environment in Inamori Center. Date: 18th Feb, 2015 14:00 — 19:00 Place: Inamori Hall (3F) middle-sized meeting room (3F) small meeting room I (3F) small meeting room II (3F) Tonantei (2F) Server room (1F) Operation: Power distribution work for improving the Wi-Fi access point in Inamori Center. Today is only the power distribution work. About the upgrade Wi-Fi access point, I will inform...Read More

(Fixed) Trouble of CSEAS E-mail Delay

2015/02/02

Dear all, The Center’s e-mail had been delayed during the following period. I apologize for your inconvenience and my response delay. [Date] 29th January, 2015 12:00 – 2nd February 10:00 [Influence] The receipt of CSEAS e-mail (@cseas.kyoto-u.ac.jp) messages had been delayed. [Reason] CSEAS SPAM filtering system was unstable due to the update of glibc library for coping with the security vulnerability. Now, the delayed messages are being received. However, a part of the mail servers were replied the error message (undelivered message and so on). If you could not receive the needed e-mail during above period, please ask for resending it. 2nd February, 2015 Chief of Information Processing Office: Kitani.

[Emergency countermeasure]: UNIX (Linux) Users – Please apply “glibc” library security patch!

2015/01/29

If you use UNIX OS (including Linux), please apply “glibc” security patch (CVE-2015-0235) as soon as possible. “glibc” library is used by most UNIX OS and software, so the influent area is huge! About the detail information, please see the following related information. Related Information Linux “Ghost” Remote Code Execution Vulnerability (US-CERT) Operation for applying the patch (Redhat Linux with yum) yum update glibc reboot more /etc/sysconfig/clock Please check the timezone. Security Patch Information (Redhat Linux) Redhat Linux ES 5: glibc-2.5-123.el5_11.1: https://rhn.redhat.com/errata/RHSA-2015-0090.html Redhat Linux ES 6: glibc-2.12-1.149: https://rhn.redhat.com/errata/RHSA-2015-0092.html 29th January, 2015 Chief of Information Processing Office: Kitani.

(KUINS) Announcement of Tentative network service suspension

2014/12/25

Dear all, The network center of Kyoto University announced about the urgent network maintenance today. Date: December 25, 2014 0:00 a.m. — 4:00 a.m. Influence: During above period, Kyoto University E-mail including CSEAS Email cannot be received or sent. PPTP connection won’t be available. Wi-Fi connection (MIAKO, eduroam) won’t be available. HP (including CSEAS HP) won’t be sometimes available. 24 December, 2014: Chief of Information Processing Office: Kitani.

(Mac Users) Please check the security update immediately!

2014/12/24

Dear all. Apple announced about OS X NTP Security Update. This is critical vulnerability, so please check the security update as soon as possible if you have Macintosh. This Update is supported by MacOS 10.8, 10.9, 10.10. *If you have old MacOS (10.7 or before), please consider to upgrade MacOS 10.10 as soon as possible. Basically, in case of using MacOS 10.6.8 or above version, the Macintosh can be upgrade to MacOS 10.10. – Please see http://www.apple.com/osx/how-to-upgrade/ . How to check the installation of OS X NTP Security Update. Select “Apple Store” in Apple menu Click on “Update” tab and confirm Software Update. If OS X NTP Security Update is displayed, please “Update” button....Read More

[Local]: Announcement of Network Maintenance (Done)

2014/12/08

Dear CSEAS members, The network maintenance was done by the network center during the following period. [Date]：December 8, 2014 0:00 — 8:00 [Influence Area]：Inamori Center, Library, East and Common building. [Summary]：The network in the influence area had been intermittently unavailable for 10 minutes by the network maintenance during the maintenance period. 8th December, 2014 : Chief of Information Processing Office: Kitani.

[Important]: PLEASE cope with the critical vulnerability regarding secure connection “SSL” (POODLE SSLv3)!

2014/11/14

Dear all, Last month, the critical vulnerability regarding the secure connection (SSL) was discovered. Especially, there is possibility of leaking the private information, a credit card, addresses, password and so on when you access a web browser to secure web sites, such as an online shopping, an online bank, or a local page with password. Countermeasure of not only servers but also PCs are needed!! Have my browser this vulnerability? This is good question! Please access to https://www.poodletest.com. If “Vulnerable” message is displayed, the browser has probably the vulnerability. Please cope with the following operation. How to cope with the vulnerability (for Web browser) Internet Explorer Update/Check Internet Explore to the latest...Read More

[Fixed]: Delayed or Unreached E-mail due to Trouble of Name Service in Kyoto University

2014/11/14

Dear all, According to the announcement from the network center of Kyoto University, During the following period, the e-mail in Kyoto University (including the Center) had been delayed or unreached due to the trouble of Name service in Kyoto University. [Date]: November 11 17:00 — 12 17:00 (for one day) [Influence]: In case of sending or receving the e-mail in Kyoto University, it might be replied the error message, such as “Host Unknown” or “Host not found”. If the error message was received when you or a sender sent the message or you worry, please resends the message. 14th November, 2014 Chief of Information Processing Office: Kitani.

【IT担当者向け】POODLE SSLv3 ウェブ暗号化通信脆弱性への対策メモ

2014/11/12

IT担当者向けに備忘録メモをつけておきます。そのため、細かい説明は割愛し端的に説明します。脆弱性診断テストは必ずしも正しいとは限らない https://www.poodletest.com などについては、ブラウザがSSL v3を有効にしているか無効にしているかの判断しかしません。そのためSSL v3を有効にしつつ、他の手法で回避策を講じている場合、脆弱性があると診断されてしまう場合があります。 Internet Explorerについてインターネットオプションの詳細設定より、TLSのみONにしておいてください。 WindowsXPのInternet Explorer 6では、デフォルトでTLSがOFFになっているので、SSL v3のOFFだけでなく、TLSのONも必要です。 Mozilla Firefoxについてアドオンを使ってうまくいかないようなら、手動で設定を変更してみてください。 URLに「about:config」と入れて、設定を出し、「securty.tls.version.min」の値を「1」にし、TLSしか使わないようにします。なお次期Firefox 34でSSL v3は削除されます。 Google Chromeについて Chrome 40（開発版）では、SSL v3は削除されています。現在38が最新であり6週間に1度メジャーバージョンアップを出すサイクルのため、数カ月先には対...