Ike.ninja

(Aug 7) Update to 2.49.4 Based on the Firefox/Thunderbird ESR (extension support release) code version 52.9.1 Fixes various security issues, see https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ and https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ for more info.

(Aug 7) GnuPG could be made to expose sensitive information.

Mobile users are a huge online traffic source, so you should optimize your sites for mobile. We have a mobile optimization checklist to tick off as you go.

The post Are all your sites mobile-friendly? Your mobile optimization checklist appeared first on Plesk.

(Aug 3) Enrico Zini discovered a vulnerability in Syntastic, an addon module for the Vim editor that runs a file through external checkers and displays any resulting errors. Config files were looked up in the current working directory which could result in arbitrary

(Jul 31) An update for xmlrpc is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

The staging environment vs test environment – what’s the difference? Learn which is which and why both are equally important for a website.

The post How to get your team to adopt your coding standards appeared first on Plesk.

(Aug 5) Andreas Hug discovered an open redirect in Django, a Python web development framework, which is exploitable if django.middleware.common.CommonMiddleware is used and the APPEND_SLASH setting is enabled.

(Jul 31) An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact

(Aug 5) It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing malformed XML data.

(Aug 4) Jann Horn discovered a directory traversal vulnerability in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of this flaw to retrieve arbitrary files via a specially crafted request, when ‘enable-http-clone=1’ (default) is not turned off.

(Aug 3) Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.

(Aug 2) Update to 2.26, fixes CVE-2018-9275

(Aug 2) Several security issues were fixed in ClamAV.

(Jul 30) An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

We are pleased to announce the immediate availability of WordPress 4.9.8.  This maintenance release fixes 46 bugs, enhancements and blessed tasks, including updating the Twenty Seventeen bundled theme. Following are the highlights of what is now available. “Try Gutenberg” callout Most users will now be presented with a notice in their WordPress dashboard. This “Try Gutenberg” […]