Ike.ninja

A new well-designed phishing email has been aimed at cPanel users recently, and we want to help all of our users stay safe. What is Phishing? Phishing, by definition, is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Phishing emails can be sent to any email address. The most effective phishing emails make use …

Joomla 3.8.9 is now available. This is a security release which addresses 2 security vulnerabilities and contains over 50 bug fixes and improvements.

• Project: Joomla!
• SubProject: CMS
• Impact: Low
• Severity: Low
• Versions: 2.5.0 through 3.8.8
• Exploit type: LFI
• Reported Date: 2018-April-23
• Fixed Date: 2018-June-26
• CVE Number: CVE-2018-12712

Description

Our autoload code checks classnames to be valid, using the “class_exists” function in PHP. In PHP 5.3 this function validates invalid names as valid, which can result in a Local File Inclusion.

Affected Installs

Joomla! CMS versions 2.5.0 through 3.8.8

Solution

Upgrade to version 3.8.9

Contact

The JSST at the Joomla! Security Centre.

(Jun 25) This update fixes multiple security vulnerabilities: CVE-2017-7380, CVE-2017-7381, CVE-2017-7382, CVE-2017-7383, CVE-2017-5852, CVE-2017-5853, CVE-2017-6844, CVE-2017-5854, CVE-2017-5855, CVE-2017-5886, CVE-2018-8000, CVE-2017-6840, CVE-2017-6842, CVE-2017-6843, CVE-2017-6845, CVE-2017-6847, CVE-2017-6848, CVE-2017-7378, CVE-2017-7379, CVE-2017-7994, CVE-2017-8054,

(Jun 25) An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from