(Jan 8) An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More…]
Archive for January, 2013
(Jan 9) It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and [More…]
(Jan 9) Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if enable-local-variables is set to “safe”. For the stable distribution (squeeze), this problem has been fixed in [More…]
(Jan 10) The system could be made to leak sensitive system information.
(Jan 10) The system could be made to leak sensitive system information.
(Jan 8) An updated openshift-origin-node-util package that fixes two security issues is now available for Red Hat OpenShift Enterprise 1.0. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Jan 9) Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Jan 8) Yury Dyachenko discovered that Zend Framework uses the PHP XML parser in an insecure way, allowing attackers to open files and trigger HTTP requests, potentially accessing restricted information. [More…]
(Jan 4) joernchen of Phenoelit discovered that rails, an MVC ruby based framework geared for web application development, is not properly treating user-supplied input to “find_by_*” methods. Depending on how the ruby on rails application is using these methods, this allows an attacker [More…]
(Jan 8) Several security issues were fixed in Firefox.
(Jan 8) Several security issues were fixed in Thunderbird.
(Jan 8) Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More…]
(Jan 9) An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Jan 6) Google, Inc. discovered that the TurkTrust certification authority included in the Network Security Service libraries (nss) mis-issued two intermediate CA’s which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate [More…]
(Jan 5) Two security issues have been discovered in Weechat a, fast, light and extensible chat client: CVE-2011-1428 [More…]
(Jan 8) Updated gtk2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More…]
(Jan 8) Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More…]
(Jan 6) Jann Horn discovered that users of the CUPS printing system who are part of the lpadmin group could modify several configuration parameters with security impact. Specifically, this allows an attacker to read or write arbitrary files as root which can be used to elevate privileges. [More…]
(Jan 6) KB Sriram discovered that GnuPG, the GNU Privacy Guard did not sufficiently sanitise public keys on import, which could lead to memory and keyring corruption. [More…]
In the January 2013 survey we received responses from 629,939,191 sites. Apache continued its decline in market share that began in mid-2012, now having 100 million fewer hostnames than in June 2012: it still retains a clear majority at 55.26% of the market. Both within the million busiest sites and on the internet as a whole, […]
The January issue of the Joomla Community Magazine is here! Our stories this month:
Editors Introduction
There Are No Limits…, by Dianne Henning
Feature Stories
The Beginning: A New Joomla User Tells Her Story, by Renea Leathers
JWC 12 – An Unexpected Journey, by Olivier NOLBERT
Join a JUG, by Richard Pearce
Project News
The Joomla Translation Experience, by Helvecio
Developers
The Shift Joomla Needs to Make: My Challenge, by Luke Summerfield
Joomla! 3.0 Extension Development Series: Setting the Stage, by David Hurley
Administrators
The Two Most Important Things You Can do to Secure Your Joomla Site, by Alan Langford
How Secure is Your Joomla! Website?, by Ruth Cheesley
Sitebuilders
What Makes a Website Memorable?, by Pete Juratovivc
Successful Extension Potluck, JUG Bay Area, California, USA, by Jennifer Gress
How SSL Can Secure and Add Features to Your Joomla! Site, by Alex Andreae
Training Your Clients with Video – Part 1, by Rod Martin
Mobilize Joomla!, by Ali Safaie
Business Matters
The Unbalanced Force in Your Marketing Strategy, by Luke Summerfield
International Stories
Browse the international articles submitted this month.
In our next issue
We want to publish your Joomla! story in the next JCM issue! So take a look at our Author Resources content to get a better idea of what we are looking for, and then register to become a JCM author and submit your Joomla! story!
(Dec 29) It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue in being actively exploited. [More…]
(Dec 30) “halfdog” discovered that incorrect interrupt handling in Virtualbox, a x86 virtualization solution – can lead to denial of service. For the stable distribution (squeeze), this problem has been fixed in [More…]
Rank Company site OS Outagehh:mm:ss FailedReq% DNS […]
2012: A Look Back
Another year is coming to a close, and it’s time to look back and reflect on what we’ve accomplished in the past twelve months. The WordPress community is stronger than ever, and some of the accomplishments of the past year are definitely worth remembering. Software Releases We had two major releases of the WordPress web […]