NVD Vulnerability Detail

CVE-2015-3183

Summary	The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
Publication Date	July 21, 2015, 8:59 a.m.
Registration Date	Jan. 26, 2021, 2:49 p.m.
Last Update	Nov. 21, 2024, 11:28 a.m.

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:N/I:P/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	低
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:apache:http_server::::::::	2.2.0			2.2.31
cpe:2.3:a:apache:http_server::::::::	2.4.0			2.4.16

Related information, measures and tools

No	URL	タグ
1	http://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
2	http://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
3	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735	Third Party Advisory
4	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735	Third Party Advisory
5	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	Mailing List
6	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	Mailing List
7	http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html	Mailing List
8	http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html	Mailing List
9	http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html	Third Party Advisory
10	http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html	Third Party Advisory
11	http://marc.info/?l=bugtraq&m=144493176821532&w=2	Mailing List Third Party Advisory VDB Entry
12	http://marc.info/?l=bugtraq&m=144493176821532&w=2	Mailing List Third Party Advisory VDB Entry
13	http://marc.info/?l=bugtraq&m=144493176821532&w=2	Mailing List Third Party Advisory VDB Entry
14	http://marc.info/?l=bugtraq&m=144493176821532&w=2	Mailing List Third Party Advisory VDB Entry
15	http://rhn.redhat.com/errata/RHSA-2015-1666.html	Third Party Advisory
16	http://rhn.redhat.com/errata/RHSA-2015-1666.html	Third Party Advisory
17	http://rhn.redhat.com/errata/RHSA-2015-1667.html	Third Party Advisory
18	http://rhn.redhat.com/errata/RHSA-2015-1667.html	Third Party Advisory
19	http://rhn.redhat.com/errata/RHSA-2015-1668.html	Third Party Advisory
20	http://rhn.redhat.com/errata/RHSA-2015-1668.html	Third Party Advisory
21	http://rhn.redhat.com/errata/RHSA-2015-2661.html	Third Party Advisory
22	http://rhn.redhat.com/errata/RHSA-2015-2661.html	Third Party Advisory
23	http://rhn.redhat.com/errata/RHSA-2016-0061.html	Third Party Advisory
24	http://rhn.redhat.com/errata/RHSA-2016-0061.html	Third Party Advisory
25	http://rhn.redhat.com/errata/RHSA-2016-0062.html	Third Party Advisory
26	http://rhn.redhat.com/errata/RHSA-2016-0062.html	Third Party Advisory
27	http://rhn.redhat.com/errata/RHSA-2016-2054.html	Third Party Advisory
28	http://rhn.redhat.com/errata/RHSA-2016-2054.html	Third Party Advisory
29	http://rhn.redhat.com/errata/RHSA-2016-2055.html	Third Party Advisory
30	http://rhn.redhat.com/errata/RHSA-2016-2055.html	Third Party Advisory
31	http://rhn.redhat.com/errata/RHSA-2016-2056.html	Third Party Advisory
32	http://rhn.redhat.com/errata/RHSA-2016-2056.html	Third Party Advisory
33	http://www.apache.org/dist/httpd/CHANGES_2.4	Vendor Advisory
34	http://www.apache.org/dist/httpd/CHANGES_2.4	Vendor Advisory
35	http://www.debian.org/security/2015/dsa-3325	Third Party Advisory
36	http://www.debian.org/security/2015/dsa-3325	Third Party Advisory
37	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Patch
38	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Patch
39	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Mailing List Third Party Advisory
40	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Mailing List Third Party Advisory
41	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Patch Third Party Advisory
42	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Patch Third Party Advisory
43	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	Third Party Advisory VDB Entry
44	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	Third Party Advisory VDB Entry
45	http://www.securityfocus.com/bid/75963	Third Party Advisory VDB Entry
46	http://www.securityfocus.com/bid/75963	Third Party Advisory VDB Entry
47	http://www.securityfocus.com/bid/91787	Third Party Advisory VDB Entry
48	http://www.securityfocus.com/bid/91787	Third Party Advisory VDB Entry
49	http://www.securitytracker.com/id/1032967	Third Party Advisory VDB Entry
50	http://www.securitytracker.com/id/1032967	Third Party Advisory VDB Entry
51	http://www.ubuntu.com/usn/USN-2686-1	Third Party Advisory
52	http://www.ubuntu.com/usn/USN-2686-1	Third Party Advisory
53	https://access.redhat.com/errata/RHSA-2015:2659	Third Party Advisory
54	https://access.redhat.com/errata/RHSA-2015:2659	Third Party Advisory
55	https://access.redhat.com/errata/RHSA-2015:2660	Third Party Advisory
56	https://access.redhat.com/errata/RHSA-2015:2660	Third Party Advisory
57	https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6	Third Party Advisory
58	https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6	Third Party Advisory
59	https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73	Third Party Advisory
60	https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73	Third Party Advisory
61	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246	Third Party Advisory
62	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246	Third Party Advisory
63	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789	Third Party Advisory VDB Entry
64	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789	Third Party Advisory VDB Entry
65	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
66	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
67	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
68	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
69	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
70	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
71	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
72	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
73	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
74	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
75	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
76	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
77	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
78	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
79	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
80	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
81	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
82	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
83	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
84	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
85	https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
86	https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
87	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
88	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
89	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
90	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
91	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
92	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
93	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
94	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
95	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
96	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
97	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
98	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
99	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
100	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
101	https://puppet.com/security/cve/CVE-2015-3183	Third Party Advisory
102	https://puppet.com/security/cve/CVE-2015-3183	Third Party Advisory
103	https://security.gentoo.org/glsa/201610-02	Third Party Advisory
104	https://security.gentoo.org/glsa/201610-02	Third Party Advisory
105	https://support.apple.com/HT205219	Third Party Advisory VDB Entry
106	https://support.apple.com/HT205219	Third Party Advisory VDB Entry
107	https://support.apple.com/kb/HT205031	Third Party Advisory VDB Entry
108	https://support.apple.com/kb/HT205031	Third Party Advisory VDB Entry

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html
2	CWE-17	コード	https://cwe.mitre.org/data/definitions/17.html

JVN Vulnerability Information

Apache HTTP Server のチャンク形式転送コーディングの実装における HTTP リクエストスマグリング攻撃を実行される脆弱性

Title	Apache HTTP Server のチャンク形式転送コーディングの実装における HTTP リクエストスマグリング攻撃を実行される脆弱性
Summary	Apache HTTP Server のチャンク形式転送コーディング (chunked transfer coding) の実装は、チャンクヘッダを適切に解析しないため、HTTP リクエストスマグリング攻撃を実行される脆弱性が存在します。補足情報 : CWE による脆弱性タイプは、CWE-17: Code (コード) と識別されています。 http://cwe.mitre.org/data/definitions/17.html
Possible impacts	第三者により、巧妙に細工されたリクエストを介して、HTTP リクエストスマグリング攻撃を実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	July 15, 2015, midnight
Registration Date	July 22, 2015, 12:19 p.m.
Last Update	July 27, 2016, 4:38 p.m.

Affected System

Apache Software Foundation

Apache HTTP Server 2.4.14 未満

オラクル

Oracle HTTP Server 10.1.3.5

Oracle HTTP Server 11.1.1.7

Oracle HTTP Server 11.1.1.9

Oracle HTTP Server 12.1.2.0

Oracle HTTP Server 12.1.3.0

Oracle Virtualization の Oracle Secure Global Desktop 4.63

Oracle Virtualization の Oracle Secure Global Desktop 4.71

Oracle Virtualization の Oracle Secure Global Desktop 5.2

SPARC Enterprise M3000 サーバ

SPARC Enterprise M4000 サーバ

SPARC Enterprise M5000 サーバ

SPARC Enterprise M8000 サーバ

SPARC Enterprise M9000 サーバ

XCP 1121 未満 (SPARC Enterprise M3000/M4000/M5000/M8000/M9000 サーバ)

アップル

Apple Mac OS X 10.10 から 10.10.4

Apple Mac OS X 10.9.5

macOS Server (旧 OS X Server) 5.0.3 未満 (OS X Yosemite v10.10.5 以降)

日立

Cosminexus HTTP Server

Hitachi Application Server

Hitachi Application Server for Developers

Hitachi Web Server

uCosminexus Application Server

uCosminexus Application Server (64)

uCosminexus Application Server -R

uCosminexus Application Server Express

uCosminexus Application Server Standard-R

uCosminexus Application Server Enterprise

uCosminexus Application Server Smart Edition

uCosminexus Application Server Standard

uCosminexus Developer

uCosminexus Developer 01

uCosminexus Developer Professional

uCosminexus Developer Professional for Plug-in

uCosminexus Developer Standard

uCosminexus Primary Server Base

uCosminexus Primary Server Base(64)

uCosminexus Service Architect

uCosminexus Service Platform

uCosminexus Service Platform (64)

uCosminexus Service Platform - Messaging

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-3183	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
National Vulnerability Database (NVD)
2	CVE-2015-3183	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html
2	CWE-Other	https://www.ipa.go.jp/security/vuln/CWE.html#CWEOther

ベンダー情報

No	Name	URL
Apache httpd 2.4 vulnerabilities
1	Fixed in Apache httpd 2.4.16	http://httpd.apache.org/security/vulnerabilities_24.html
Apple Mailing Lists
2	APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
3	APPLE-SA-2015-09-16-4 OS X Server 5.0.3	http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
Apple Security Updates
4	HT205031	https://support.apple.com/en-us/HT205031
5	HT205219	https://support.apple.com/en-us/HT205219
Apple セキュリティアップデート
6	HT205031	https://support.apple.com/ja-jp/HT205031
7	HT205219	http://support.apple.com/ja-jp/HT205219
Changes with Apache
8	Changes with Apache 2.4.14	http://www.apache.org/dist/httpd/CHANGES_2.4
GitHub
9	Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized characters.	https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73
Hitachi Software Vulnerability Information
10	HS15-029	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-029/index.html
Oracle Critical Patch Update
11	Oracle Critical Patch Update Advisory - January 2016	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
12	Oracle Critical Patch Update Advisory - July 2016	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
13	Oracle Critical Patch Update Advisory - October 2015	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
14	Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices	http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html
15	Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices	http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html
16	Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices	http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html
Oracle Technology Network
17	Oracle Solaris Third Party Bulletin - October 2015	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
SECURITY BLOG
18	January 2016 Critical Patch Update Released	https://blogs.oracle.com/security/entry/january_2016_critical_patch_update
19	July 2016 Critical Patch Update Released	http://blogs.oracle.com/security/entry/july_2016_critical_patch_update
20	October 2015 Critical Patch Update Released	https://blogs.oracle.com/security/entry/october_2015_critical_patch_update
ソフトウェア製品セキュリティ情報
21	HS15-029	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-029/index.html

その他

No	Name	URL
JVN
1	JVNVU#99970459	http://jvn.jp/vu/JVNVU99970459/index.html

Change Log

No	Changed Details	Date of change
0	[2015年07月22日] 掲載 [2015年08月31日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：アップル (APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006) を追加ベンダ情報：アップル (HT205031) を追加 [2015年10月05日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：アップル (APPLE-SA-2015-09-16-4 OS X Server 5.0.3) を追加ベンダ情報：アップル (HT205219) を追加参考情報：JVN (JVNVU#99970459) を追加 [2015年11月06日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：オラクル (Oracle Critical Patch Update Advisory - October 2015) を追加ベンダ情報：オラクル (Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices) を追加ベンダ情報：オラクル (October 2015 Critical Patch Update Released) を追加ベンダ情報：オラクル (Oracle Solaris Third Party Bulletin - October 2015) を追加 [2015年12月01日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (HS15-029) を追加 [2016年01月28日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：オラクル (Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices) を追加ベンダ情報：オラクル (Oracle Critical Patch Update Advisory - January 2016) を追加ベンダ情報：オラクル (January 2016 Critical Patch Update Released) を追加 [2016年07月27日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：オラクル (Oracle Critical Patch Update Advisory - July 2016) を追加ベンダ情報：オラクル (Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices) を追加ベンダ情報：オラクル (July 2016 Critical Patch Update Released) を追加	Feb. 17, 2018, 10:37 a.m.